CVE-2023-53794

Advisory lineage Upstream: 0 Downstream: 27

Downstream

DEBIAN-CVE-2023-53794 SUSE-SU-2026:0263-1 SUSE-SU-2026:0278-1 SUSE-SU-2026:0281-1 SUSE-SU-2026:0293-1 SUSE-SU-2026:0315-1

Deferred

Published: 09 Dec 2025, 00:00

Last modified:23 May 2026, 15:31

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

0.02% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

09 Dec 2025, 00:00

Published

Vulnerability first disclosed

23 May 2026, 15:31

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: cifs: fix session state check in reconnect to avoid use-after-free issue Don't collect exiting session in smb2_reconnect_server(), because it will be released soon. Note that the exiting session will stay in server->smb_ses_list until it complete the cifs_free_ipc() and logoff() and then delete itself from the list.

EPSS Trends

Current EPSS score: 0.02%• Percentile: 7%

Affected Systems

linux•linux
≥ 4fcd1813e6404dd4420c7d12fb483f9320f0bf93, < 7e4f5c3f01fb0e51ca438e43262d858daf9a0a76 | ≥ 4fcd1813e6404dd4420c7d12fb483f9320f0bf93, < 759ffc164d95a32c09528766d74d9b4fb054e8f4 | ≥ 4fcd1813e6404dd4420c7d12fb483f9320f0bf93, < 99f280700b4cc02d5f141b8d15f8e9fad0418f65 | 655e0c067f0e02ece03fd0591dabe3db2ae27552 | 875cc09c0767a4ac06b57af383709657f98b3ea1 | 599fe1409085059ba12a2c3897c853be9fa9e7cf | 2e4378ee60049b752c9dce16f62ce6fbd11b379a | 59b520454b323ec43b2ae757217332cea33091e0 | e20c888e2b3576e5f498c167729d274ef60b86f8 | 4ce7aa4e44d88ce64ea8ae2337b8910f3670b0ba | 419fad68e4c4135ff9859e9214dd6cf954413ca1 | ≥ 3.10.103, < 3.11 | ≥ 3.12.63, < 3.13 | ≥ 3.14.74, < 3.15 | ≥ 3.16.37, < 3.17 | ≥ 3.18.37, < 3.19 | ≥ 4.1.28, < 4.2 | ≥ 4.4.16, < 4.5 | ≥ 4.6.5, < 4.7 | 4.7