CVE & CISA-KEV Catalog

CVE-2023-53698

UNSCORED

Description

In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is running out of memory. If xp_alloc_tx_descs() fails, and it can only fail due to not having enough memory, then the error path is triggered. In this error path, the refcount of the pool is decremented as it has incremented before. However, the reference to the pool in the socket was not nulled. This means that when the socket is closed later, the socket teardown logic will think that there is a pool attached to the socket and try to decrease the refcount again, leading to a refcount underflow. I chose this fix as it involved adding just a single line. Another option would have been to move xp_get_pool() and the assignment of xs->pool to after the if-statement and using xs_umem->pool instead of xs->pool in the whole if-statement resulting in somewhat simpler code, but this would have led to much more churn in the code base perhaps making it harder to backport.

How to fix

Remediation Available
linuxDebian
Fixed in:6.1.52-1CVE-2023-53698
Fixed in:6.4.11-1CVE-2023-53698
Fixed in:6.4.11-1CVE-2023-53698
bpftoolRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
bpftoolRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
bpftool-debuginfoRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
bpftool-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernelRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernelRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-abi-stablelistsRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-abi-stablelistsRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-coreRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-coreRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debugRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debugRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-coreRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-coreRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-debuginfoRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-develRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-develRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-modulesRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-modulesRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debug-modules-extraRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfoRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-aarch64Rocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-aarch64Red Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-ppc64leRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-ppc64leRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-s390xRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-s390xRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-x86_64Rocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-debuginfo-common-x86_64Red Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-develRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-develRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-docRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-docRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-modulesRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-modulesRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-modules-extraRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-toolsRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-toolsRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-tools-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-tools-debuginfoRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-tools-libsRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-tools-libsRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-tools-libs-develRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-tools-libs-develRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdumpRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdumpRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-coreRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-coreRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-debuginfoRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-develRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-develRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-modulesRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-modulesRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-modules-extraRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
kernel-zfcpdump-modules-extraRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
perfRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
perfRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
perf-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
perf-debuginfoRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
python3-perfRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
python3-perfRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
python3-perf-debuginfoRocky
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
python3-perf-debuginfoRed Hat / RHEL
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138
Fixed in:0:4.18.0-553.el8_10RHSA-2024:3138

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3.1 Vector

No CVSS vector data available.

Exploit Intelligence

0.19%probability of exploitation in 30 days
9thpercentile

Low risk: more likely to be exploited than 9% of all known CVEs.

References

Embed a live status badge for CVE-2023-53698
CVE-2023-53698 severity badge

Markdown

[![CVE-2023-53698](https://tridentstack.com/cve/badge/CVE-2023-53698.svg)](https://tridentstack.com/cve/CVE-2023-53698)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-53698"><img src="https://tridentstack.com/cve/badge/CVE-2023-53698.svg" alt="CVE-2023-53698"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-10-22.