CVE-2023-53307

HIGH 7.8

rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails If getting an ID or setting up a work queue in rbd_dev_create() fails, use-after-free on rbd_dev->rbd_client, rbd_dev->spec and rbd_dev->opts is triggered in do_rbd_add(). The root cause is that the ownership of these structures is transfered to rbd_dev prematurely and they all end up getting freed when rbd_dev_create() calls rbd_dev_free() prior to returning to do_rbd_add(). Found by Linux Verification Center (linuxtesting.org) with SVACE, an incomplete patch submitted by Natalia Petrova <[email protected]>.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Sep 16, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new high vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1643dfa4c2c827d6e2aa419df8c17b0f24090278 < 71da2a151ed1adb0aea4252b16d81b53012e7afd 1643dfa4c2c827d6e2aa419df8c17b0f24090278 < e3cbb4d60764295992c95344f2d779439e8b34ce 1643dfa4c2c827d6e2aa419df8c17b0f24090278 < 9787b328c42c13c4f31e7d5042c4e877e9344068 1643dfa4c2c827d6e2aa419df8c17b0f24090278 < ae16346078b1189aee934afd872d9f3d0a682c33 1643dfa4c2c827d6e2aa419df8c17b0f24090278 < a73783e4e0c4d1507794da211eeca75498544dff 1643dfa4c2c827d6e2aa419df8c17b0f24090278 < faa7b683e436664fff5648426950718277831348 1643dfa4c2c827d6e2aa419df8c17b0f24090278 < cc8c0dd2984503ed09efa37bcafcef3d3da104e8 1643dfa4c2c827d6e2aa419df8c17b0f24090278 < f7c4d9b133c7a04ca619355574e96b6abf209fba

Linux / Linux

4.9

References

NVD ↗ CVE.org ↗ EPSS Data ↗