What is CVE-2023-53712?

CVE-2023-53712 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 2.6.38 onward and patched in 5.15.133, 6.1.55, 6.5.5 and others. CVE-2023-53712 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2023-53712?

CVE-2023-53712 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2023-53712?

Yes, CVE-2023-53712 has been patched. Fixed versions include 5.15.133, 6.1.55, 6.5.5 and others. If you are running Linux kernel 2.6.38 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2023-53712 actively exploited?

CVE-2023-53712 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2023-53712

In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on function calls from softirq context") this call should not be made synchronous with disabled interrupts: softdog: Initiating panic Kernel panic - not syncing: Software Watchdog Timer expired WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp_call_function_many_cond unwind_backtrace: show_stack dump_stack_lvl __warn warn_slowpath_fmt smp_call_function_many_cond smp_call_function crash_smp_send_stop.part.0 machine_crash_shutdown __crash_kexec panic softdog_fire __hrtimer_run_queues hrtimer_interrupt Make the smp call for machine_crash_nonpanic_core() asynchronous.

Package Linux Kernel

Published 2025-10-22

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 2.6.38 and later are affected. Fixed in 5.15.133, 6.1.55, 6.5.5, 6.6 and their respective stable series.

Affected from

≥ 2.6.38

Fixed in

✓ 5.15.133 5.15.x ✓ 6.1.55 6.1.x ✓ 6.5.5 6.5.x ✓ 6.6

References

The following references provide additional information about CVE-2023-53712 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/46870eea5496ff277e86187a49ac5a667cfe60c4
Patch
Kernel patch commit
https://git.kernel.org/stable/c/5590ba4560eefbd19a4ed07c7e7c8e4c51ffc628
Patch
Kernel patch commit
https://git.kernel.org/stable/c/8922ba71c969d2a0c01a94372a71477d879470de
Patch

4 patch commits total View all on NVD

Frequently asked questions

What is CVE-2023-53712?

CVE-2023-53712 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 2.6.38 onward and has been patched in 5.15.133, 6.1.55, 6.5.5 and others. CVE-2023-53712 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2023-53712?

Yes — CVE-2023-53712 has been patched. Fixed versions include 5.15.133, 6.1.55, 6.5.5 and others. If you are running Linux kernel 2.6.38 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2023-53712 actively exploited?

No — CVE-2023-53712 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.