Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-53614— mm/ksm: fix race with VMA iteration and mm_struct teardown

EPSS 0.01% · P1
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-53614

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
mm/ksm: fix race with VMA iteration and mm_struct teardown
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode. Ensure that the maple tree is still valid by checking ksm_test_exit() after taking the mmap_lock in read mode, but before the for_each_vma() iterator dereferences a destroyed maple tree. Since the maple tree is destroyed, the flags telling lockdep to check an external lock has been cleared. Skip the for_each_vma() iterator to avoid dereferencing a maple tree without the external lock flag, which would create a lockdep warning.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于VMA迭代和mm_struct销毁之间存在竞争条件,可能导致锁依赖警告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
LinuxLinux a5f18ba0727656bd1fe3bcdb0d563f81790f9a04 ~ 286b0cab31bac29960e5684f6fb331d42f03b363 -
LinuxLinux 6.1 -

II. Public POCs for CVE-2023-53614

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2023-53614

登录查看更多情报信息。

Same Patch Batch · Linux · 2025-10-04 · 144 CVEs total

CVE-2025-399469.8 CRITICALtls: make sure to abort the stream if headers are bogus
CVE-2022-50489drm/mipi-dsi: Detach devices when removing the host
CVE-2023-53580USB: Gadget: core: Help prevent panic during UVC unconfigure
CVE-2022-50507fs/ntfs3: Validate data run offset
CVE-2022-50508wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power
CVE-2022-50506drbd: only clone bio if we have a backing device
CVE-2022-50504powerpc/rtas: avoid scheduling in rtas_os_term()
CVE-2022-50505iommu/amd: Fix pci device refcount leak in ppr_notifier()
CVE-2022-50503mtd: lpddr2_nvm: Fix possible null-ptr-deref
CVE-2022-50501media: coda: Add check for dcoda_iram_alloc
CVE-2022-50500netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed
CVE-2022-50499media: dvb-core: Fix double free in dvb_register_device()
CVE-2022-50497binfmt_misc: fix shift-out-of-bounds in check_special_flags
CVE-2022-50498eth: alx: take rtnl_lock on resume
CVE-2022-50496dm cache: Fix UAF in destroy()
CVE-2022-50494thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash
CVE-2022-50493scsi: qla2xxx: Fix crash when I/O abort times out
CVE-2022-50492drm/msm: fix use-after-free on probe deferral
CVE-2022-50490bpf: Propagate error from htab_lock_bucket() to userspace
CVE-2023-53570wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()

Showing top 20 of 144 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Linux
Same vendor: Linux

V. Comments for CVE-2023-53614

No comments yet

Leave a comment