CVE-2023-53614
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-04

Last updated on: 2026-03-17

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode. Ensure that the maple tree is still valid by checking ksm_test_exit() after taking the mmap_lock in read mode, but before the for_each_vma() iterator dereferences a destroyed maple tree. Since the maple tree is destroyed, the flags telling lockdep to check an external lock has been cleared. Skip the for_each_vma() iterator to avoid dereferencing a maple tree without the external lock flag, which would create a lockdep warning.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-04
Last Modified
2026-03-17
Generated
2026-06-16
AI Q&A
2025-10-04
EPSS Evaluated
2026-06-14
NVD
CVE-2023-53614
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel 6.3
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-362 The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves a race condition in the Linux kernel's memory management subsystem, specifically in the Kernel Samepage Merging (KSM) feature. The issue occurs during the teardown of virtual memory areas (VMAs) and the associated maple tree data structure. The problem arises because the maple tree can be destroyed while it is still being iterated over, leading to potential dereferencing of invalid memory and lock dependency warnings. The fix ensures that the maple tree is still valid before iterating by checking the state after acquiring the mmap_lock in read mode, thus preventing unsafe access.

Impact Analysis

This vulnerability can lead to race conditions that may cause kernel instability or crashes due to invalid memory access when the maple tree is destroyed while being accessed. It could also trigger lock dependency warnings, which indicate potential deadlocks or synchronization issues in the kernel. While no direct exploitation details are provided, such kernel-level issues can impact system reliability and security.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53614. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart