CVE-2023-53759
BaseFortify
Publication date: 2025-12-08
Last updated on: 2025-12-08
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a data race condition in the Linux kernel's hidraw driver. Specifically, the hidraw_open() function increments a device reference counter without proper synchronization, which can lead to concurrent access issues when multiple processes open the device simultaneously. This race condition was introduced by a recent change replacing a mutex with a read-write semaphore that does not adequately protect the reference counter.
How can this vulnerability impact me? :
The data race on the device reference counter could lead to inconsistent or corrupted state within the hidraw device management. This might cause unexpected behavior, crashes, or resource leaks when multiple processes access the device concurrently, potentially affecting system stability or security.