CVE-2023-53790
In the Linux kernel, the following vulnerability has been resolved:

bpf: Zeroing allocated object from slab in bpf memory allocator

Currently the freed element in bpf memory allocator may be immediately reused. For htab map the reuse will reinitialize special fields in map value (e.g., bpf_spin_lock), but lookup procedure may still access these special fields, and it may lead to hard-lockup as shown below:

  NMI backtrace for cpu 16
  CPU: 16 PID: 2574 Comm: htab.bin Tainted: G L 6.1.0+ #1
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
  RIP: 0010:queued_spin_lock_slowpath+0x283/0x2c0
  ......
  Call Trace:
   <TASK>
   copy_map_value_locked+0xb7/0x170
   bpf_map_copy_value+0x113/0x3c0
   __sys_bpf+0x1c67/0x2780
   __x64_sys_bpf+0x1c/0x20
   do_syscall_64+0x30/0x60
   entry_SYSCALL_64_after_hwframe+0x46/0xb0
   ......
   </TASK>

For htab map, just like the preallocated case, there is no need to initialize these special fields in map value again once these fields have been initialized. For preallocated htab map, these fields are initialized through __GFP_ZERO in bpf_map_area_alloc(), so do a similar thing for non-preallocated htab in bpf memory allocator. And there is no need to use __GFP_ZERO for per-cpu bpf memory allocator, because __alloc_percpu_gfp() does it implicitly.
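The interleaving the commit message describes, replayed as an added C model that is not kernel code and not part of this record: a ticket spinlock stands in for bpf_spin_lock, a one-slot free list stands in for the bpf memory allocator's per-cpu free list, and simulate_reuse_race(), htab_alloc_elem() and the 0xdeadbeef/0xcafe stale values are this example's own constructions. It shows why the fix has two halves: zeroing the object when it comes from the slab (the __GFP_ZERO change) and no longer reinitialising the lock on reuse, because reinitialising a lock that a concurrent lookup still holds leaves it in a state no later acquirer can ever obtain.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model (not kernel code): a ticket lock stands in for
 * bpf_spin_lock, a one-slot cache stands in for the bpf memory allocator. */
struct ticket_lock {
    uint32_t next;   /* next ticket to hand out */
    uint32_t owner;  /* ticket currently allowed to hold the lock */
};

struct map_value {
    struct ticket_lock lock;  /* the "special field" the htab must not reinit */
    uint64_t payload;
};

/* Single-threaded stand-in for spinning: if our ticket is not the owner, nobody
 * else exists to advance owner, so a real CPU would spin forever (the NMI
 * backtrace in queued_spin_lock_slowpath). Report that as -1 instead.
 * Tickets in the scenarios below stay small, so the int cast is safe. */
static int lock_acquire(struct ticket_lock *l)
{
    uint32_t ticket = l->next++;
    return l->owner == ticket ? (int)ticket : -1;
}

static void lock_release(struct ticket_lock *l)
{
    l->owner++;
}

struct mem_cache {
    struct map_value *free_slot;  /* freed element, reused by the next alloc */
    bool zero_from_slab;          /* the fix: __GFP_ZERO when refilling from slab */
};

static struct map_value *cache_alloc(struct mem_cache *c)
{
    struct map_value *v = c->free_slot;
    if (v) {                      /* immediate reuse: this path never zeroes */
        c->free_slot = NULL;
        return v;
    }
    v = malloc(sizeof(*v));
    if (c->zero_from_slab) {
        memset(v, 0, sizeof(*v));
    } else {
        /* Simulated uninitialised slab memory (constructed stale values). */
        v->lock.next = 0xdeadbeef;
        v->lock.owner = 0xcafe;
        v->payload = 0;
    }
    return v;
}

static void cache_free(struct mem_cache *c, struct map_value *v)
{
    c->free_slot = v;
}

/* htab layer: allocate an element, optionally reinitialising the lock on every
 * allocation (the pre-fix behaviour the commit message calls "reinitialize"). */
static struct map_value *htab_alloc_elem(struct mem_cache *c, bool reinit_on_alloc)
{
    struct map_value *v = cache_alloc(c);
    if (reinit_on_alloc)
        memset(&v->lock, 0, sizeof(v->lock));
    return v;
}

/* Replays the interleaving from the commit message and returns the outcome of
 * the final locked lookup: its ticket number on success, -1 on a lockup. */
int simulate_reuse_race(bool zero_from_slab, bool reinit_on_alloc)
{
    struct mem_cache cache = { .free_slot = NULL, .zero_from_slab = zero_from_slab };

    /* 1. First update: the element comes from the slab. */
    struct map_value *v = htab_alloc_elem(&cache, reinit_on_alloc);

    /* 2. Lookup (bpf_map_copy_value -> copy_map_value_locked) takes the lock. */
    if (lock_acquire(&v->lock) < 0) {
        free(v);
        return -1;  /* lock was never initialised: garbage from the slab */
    }

    /* 3. Delete frees the element; 4. the next update reuses it immediately. */
    cache_free(&cache, v);
    struct map_value *reused = htab_alloc_elem(&cache, reinit_on_alloc);

    /* 5. The lookup, still holding the lock in that same memory, releases it. */
    lock_release(&reused->lock);

    /* 6. Next locked lookup on the reused element. */
    int result = lock_acquire(&reused->lock);
    free(reused);
    return result;
}

int main(void)
{
    printf("pre-fix  (reinit on every alloc):     %d\n", simulate_reuse_race(false, true));
    printf("post-fix (zero from slab, no reinit): %d\n", simulate_reuse_race(true, false));
    printf("no zeroing and no reinit:             %d\n", simulate_reuse_race(false, false));
    return 0;
}
```

The pre-fix run reinitialises the lock under a live holder, so the holder's release advances owner past any ticket that will ever be issued and the next lookup hangs (-1). Dropping the reinit alone is not enough either: without zeroing from the slab the very first acquire sees stale lock words (-1 again). Only the combination, zero at slab allocation and leave the lock alone on reuse, yields a lock that stays consistent across the reuse (ticket 1).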
Affected versions
Linux kernel versions 6.1 and later are affected. Fixed in 6.1.16, 6.2.3, 6.3 and their respective stable series.
References
The following references provide additional information about CVE-2023-53790 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
- Patch (kernel patch commit): https://git.kernel.org/stable/c/5d447e04290e78bdc1a3a6c321320d384e09c2f1
- Patch (kernel patch commit): https://git.kernel.org/stable/c/678ea18d6240299fd77d7000c8b1d7e5f274c8af
- Patch (kernel patch commit): https://git.kernel.org/stable/c/997849c4b969034e225153f41026657def66d286
Frequently asked questions
- What is CVE-2023-53790?
  CVE-2023-53790 is an unscored Linux kernel vulnerability. It affects Linux kernel versions from 6.1 onward and has been patched in 6.1.16, 6.2.3 and 6.3. CVE-2023-53790 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
- Is there a patch available for CVE-2023-53790?
  Yes — CVE-2023-53790 has been patched. Fixed versions include 6.1.16, 6.2.3 and 6.3. If you are running Linux kernel 6.1 or later up to the fix versions, apply the relevant patch for your kernel branch.
- Is CVE-2023-53790 actively exploited?
  No — CVE-2023-53790 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.