Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2023-53377

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
18/09/2025
Última modificación:
19/09/2025

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> cifs: prevent use-after-free by freeing the cfile later<br /> <br /> In smb2_compound_op we have a possible use-after-free<br /> which can cause hard to debug problems later on.<br /> <br /> This was revealed during stress testing with KASAN enabled<br /> kernel. Fixing it by moving the cfile free call to<br /> a few lines below, after the usage.

Impacto