CVE-2023-53380

Severity: Medium (CVSS 3.1 base score 5.5)
EPSS: 3.5%
Published: Sep 18, 2025
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request

There are two checks of 'mreplace' in raid10_sync_request(). In the first check, 'need_replace' will be set and 'mreplace' will be used later if a non-Faulty 'mreplace' exists. In the second check, 'mreplace' will be set to NULL if it is Faulty, but 'need_replace' will not be changed accordingly. A null-ptr-deref occurs if Faulty is set between the two checks.

Fix it by merging the two checks into one. And replace 'need_replace' with 'mreplace' because their values are always the same.
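The race described above, as an added illustration that is not the kernel's md/raid10 code: a simplified user-space C model of the two-check pattern beside the merged check. struct rdev, the race_hook callback and both function names are hypothetical, and the pre-fix function returns -1 at the point where the kernel would dereference NULL.

```c
#include <stdbool.h>
#include <stddef.h>

/* Simplified user-space model (constructed); not the kernel's md/raid10 code. */
struct rdev { bool faulty; int nr_pending; };

/* Hypothetical hook standing in for a concurrent context that marks the
 * replacement device Faulty while the sync request is being built. */
typedef void (*race_hook)(struct rdev *);
static void mark_faulty(struct rdev *r) { if (r) r->faulty = true; }

/* Pre-fix shape: two separate checks, with need_replace cached by the first.
 * Returns -1 where the kernel would dereference a NULL mreplace. */
int sync_two_checks(struct rdev *replacement, race_hook between)
{
    struct rdev *mreplace = replacement;
    bool need_replace = false;

    if (mreplace && !mreplace->faulty)   /* first check */
        need_replace = true;
    if (between)
        between(replacement);            /* Faulty set in the window */
    if (mreplace && mreplace->faulty)    /* second check */
        mreplace = NULL;                 /* need_replace is now stale */
    if (need_replace) {
        if (!mreplace)
            return -1;                   /* NULL deref would occur here */
        mreplace->nr_pending++;
        return 1;
    }
    return 0;
}

/* Post-fix shape: one merged check, and the pointer itself is the flag,
 * so the decision and the pointer cannot disagree. */
int sync_merged_check(struct rdev *replacement, race_hook between)
{
    struct rdev *mreplace = replacement;

    if (mreplace && mreplace->faulty)    /* single merged check */
        mreplace = NULL;
    if (between)
        between(replacement);            /* a late Faulty cannot desync state */
    if (mreplace) {
        mreplace->nr_pending++;
        return 1;
    }
    return 0;
}
```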

CVSS Details

Base Score 5.5
Exploitability 1.8
Impact 3.6
Vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-476 NULL Pointer Dereference Memory Safety

Affected Products 6

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.20 – <5.4.251
linux   linux_kernel  *        ≥5.5 – <5.10.188
linux   linux_kernel  *        ≥5.11 – <5.15.121
linux   linux_kernel  *        ≥5.16 – <6.1.39
linux   linux_kernel  *        ≥6.2 – <6.3.13
linux   linux_kernel  *        ≥6.4 – <6.4.4

References 7

  • git.kernel.org https://git.kernel.org/stable/c/144c7fd008e0072b0b565f1157eec618de54ca8a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/222cc459d59857ee28a5366dc225ab42b22f9272
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2990e2ece18dd4cca71b3109c80517ad94adb065
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/34817a2441747b48e444cb0e05d84e14bc9443da
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/45fa023b3334a7ae6f6c4eb977295804222dfa28
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b5015b97adda6a24dd3e713c63e521ecbeff25c6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f4368a462b1f9a8ecc2fdb09a28c3d4cad302a4f
    Patch