CVE-2023-53299

Severity: Medium (CVSS 3.1 base score 5.5) · EPSS 3.7%
Published Sep 16, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

md/raid10: fix leak of 'r10bio->remaining' for recovery

raid10_sync_request() will add 'r10bio->remaining' for both rdev and replacement rdev. However, if the read io fails, recovery_request_write() returns without issuing the write io; in this case, end_sync_request() is only called once and 'remaining' is leaked, causing an io hang.

Fix the problem by decreasing 'remaining' according to whether 'bio' and 'repl_bio' are valid.
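
The counting error described above can be reproduced in a small user-space model. This is an added example, not the kernel's code or the upstream patch: the struct, the boolean flags and the helper leaked_after_failed_read() are assumptions made for illustration, and only the names taken from the description ('remaining', 'bio', 'repl_bio', end_sync_request()) mirror the kernel.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model of the counter in the description; not kernel code. */
struct r10bio_model {
    int  remaining;   /* completions still owed before the request finishes */
    bool bio;         /* write to rdev was prepared */
    bool repl_bio;    /* write to replacement rdev was prepared */
};

/* Stand-in for end_sync_request(): drops one count. */
static void end_sync_request(struct r10bio_model *r) { r->remaining--; }

/* Stand-in for raid10_sync_request(): one count per prepared write. */
static void sync_request(struct r10bio_model *r, bool bio, bool repl_bio)
{
    r->bio = bio;
    r->repl_bio = repl_bio;
    r->remaining = (bio ? 1 : 0) + (repl_bio ? 1 : 0);
}

/* Stand-in for recovery_request_write() on the failed-read path. */
static void write_after_failed_read(struct r10bio_model *r, bool fixed)
{
    if (!fixed) {             /* described bug: a single decrement */
        end_sync_request(r);
        return;
    }
    if (r->bio)               /* described fix: one decrement per valid bio */
        end_sync_request(r);
    if (r->repl_bio)
        end_sync_request(r);
}

/* Counts left over after a failed read; non-zero models the hung request. */
int leaked_after_failed_read(bool bio, bool repl_bio, bool fixed)
{
    struct r10bio_model r;
    sync_request(&r, bio, repl_bio);
    write_after_failed_read(&r, fixed);
    return r.remaining;
}

int main(void)
{
    printf("unfixed, rdev + replacement: %d\n", leaked_after_failed_read(true, true, false));
    printf("fixed,   rdev + replacement: %d\n", leaked_after_failed_read(true, true, true));
    return 0;
}
```

In the model the leak appears only when both the rdev and the replacement write were counted, which matches the description's condition that 'remaining' was added for both devices.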

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
3.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 8

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥3.3 – <4.14.315
linux   linux_kernel  *        ≥4.15 – <4.19.283
linux   linux_kernel  *        ≥4.20 – <5.4.243
linux   linux_kernel  *        ≥5.5 – <5.10.180
linux   linux_kernel  *        ≥5.11 – <5.15.111
linux   linux_kernel  *        ≥5.16 – <6.1.28
linux   linux_kernel  *        ≥6.2 – <6.2.15
linux   linux_kernel  *        ≥6.3 – <6.3.2

References 9

  • git.kernel.org https://git.kernel.org/stable/c/11141630f03efffdfe260b3582b2d93d38171b97
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1697fb124c6d6c5237e9cbd78890310154738084
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1d2c6c6e37fe5de11fd01a82badf03390e12df7a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/26208a7cffd0c7cbf14237ccd20c7270b3ffeb7e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3481dec5ecbbbbe44ab23e22c2b14bd65c644ec6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4f82e7e07cdaf2947d71968e3d6b73370a217093
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8c5d5d7ffd1e76734811b8ea5417cf0432b9952c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8d09065802c53cc938d162b62f6c4150b392c90e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cb827ed2bb34480dc102146d3a1f89fdbcafc028
    Patch
