CVE-2023-53025 Information

Description

In the Linux kernel the following vulnerability has been resolved:

NFSD: fix use-after-free in nfsd4_ssc_setup_dul()

If signal_pending() returns true schedule_timeout() will not be executed causing the waiting task to remain in the wait queue. Fixed by adding a call to finish_wait() which ensures that the waiting task will always be removed from the wait queue.

Reference

https://git.kernel.org/stable/c/0a27dcd5343026ac0cb168ee63304255372b7a36 https://git.kernel.org/stable/c/32d5eb95f8f0e362e37c393310b13b9e95404560 https://git.kernel.org/stable/c/6ac4c383c39f8f2f955f868d1ad9365c2363e80b https://git.kernel.org/stable/c/e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd