CVE-2023-53990

medium

Description

In the Linux kernel, the following vulnerability has been resolved: SMB3: Add missing locks to protect deferred close file list cifs_del_deferred_close function has a critical section which modifies the deferred close file list. We must acquire deferred_lock before calling cifs_del_deferred_close function.

References

https://git.kernel.org/stable/c/cb36365dac25d546ca4af0eb22acb43c9b4ddfdf

https://git.kernel.org/stable/c/ab9ddc87a9055c4bebd6524d5d761d605d52e557

https://git.kernel.org/stable/c/3aa9d065b0685b4e6052f3f2a2462966fdc44fd2

https://git.kernel.org/stable/c/32a046ccaeea6c19965c04a4c521e703f6607924

https://git.kernel.org/stable/c/0f87e18203bd30f71eb1a65259e28e291b6cc43a

Details

Source: Mitre, NVD

Published: 2025-12-24

Updated: 2025-12-29

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018