CVE-2023-53207

Severity: Medium · CVSS 3.1 base score 5.5 · EPSS 4.0%
Published Sep 15, 2025 · Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

ublk: fail to recover device if queue setup is interrupted

In ublk_ctrl_end_recovery(), if wait_for_completion_interruptible() is interrupted by a signal, the queues aren't set up successfully yet, so we have to fail UBLK_CMD_END_USER_RECOVERY; otherwise a kernel oops can be triggered.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 4.0% percentile
Exploit & Patch Status: No Known Exploit, Patch Available

Affected Products 5

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥6.1 – <6.1.43
linux    linux_kernel   *         ≥6.2 – <6.4.8
linux    linux_kernel   6.5       any
linux    linux_kernel   6.5       any
linux    linux_kernel   6.5       any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/0c0cbd4ebc375ceebc75c89df04b74f215fab23a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/84415f934ad4e96f3507fd09b831953d60fb04ec
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b3a1e243a74632f88b22e713f1c7256754017d58
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0c0cbd4ebc375ceebc75c89df04b74f215fab23a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/84415f934ad4e96f3507fd09b831953d60fb04ec
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b3a1e243a74632f88b22e713f1c7256754017d58
    Patch