What is CVE-2023-53848?

CVE-2023-53848 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 6.0 onward and patched in 6.1.53, 6.4.16, 6.5.3 and others. CVE-2023-53848 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2023-53848?

CVE-2023-53848 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2023-53848?

Yes, CVE-2023-53848 has been patched. Fixed versions include 6.1.53, 6.4.16, 6.5.3 and others. If you are running Linux kernel 6.0 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2023-53848 actively exploited?

CVE-2023-53848 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2023-53848

In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l_exit_log flush_work(&log->disable_writeback_work) r5c_disable_writeback_async wait_event /* * conf->log is not NULL, and mddev_trylock() * will fail, wait_event() can never pass. */ conf->log = NULL Fix this problem by setting 'config->log' to NULL before wake_up() as it used to be, so that wait_event() from r5c_disable_writeback_async() can exist. In the meantime, move forward md_unregister_thread() so that null-ptr-deref this commit fixed can still be fixed.

Package Linux Kernel

Published 2025-12-09

Last modified 2026-04-15

Patch available

Yes

Affected versions

Linux kernel versions 6.0 and later are affected. Fixed in 6.1.53, 6.4.16, 6.5.3, 6.6 and their respective stable series.

Affected from

≥ 6.0

Fixed in

✓ 6.1.53 6.1.x ✓ 6.4.16 6.4.x ✓ 6.5.3 6.5.x ✓ 6.6

References

The following references provide additional information about CVE-2023-53848 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/71cf23271f015a57038bdc4669952096f9fe5500
Patch
Kernel patch commit
https://git.kernel.org/stable/c/a705b11b358dee677aad80630e7608b2d5f56691
Patch
Kernel patch commit
https://git.kernel.org/stable/c/ac9e103f282a7854f3274ef5ff0742fbbe8d7d6b
Patch

4 patch commits total View all on NVD

Frequently asked questions

What is CVE-2023-53848?

CVE-2023-53848 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 6.0 onward and has been patched in 6.1.53, 6.4.16, 6.5.3 and others. CVE-2023-53848 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2023-53848?

Yes — CVE-2023-53848 has been patched. Fixed versions include 6.1.53, 6.4.16, 6.5.3 and others. If you are running Linux kernel 6.0 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2023-53848 actively exploited?

No — CVE-2023-53848 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.