CVE-2023-53799
Description
In the Linux kernel, the following vulnerability has been resolved:
crypto: api - Use work queue in crypto_destroy_instance
The function crypto_drop_spawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the instance to be freed in atomic context.
Fix this by delaying the freeing to a work queue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel, a use-after-free in crypto_destroy_instance occurs when an instance is freed in atomic context, fixed by deferring to a work queue.
Vulnerability
In the Linux kernel's crypto subsystem, the function crypto_destroy_instance could be called in atomic context when the last user of a crypto instance releases it. This violates the requirement of crypto_drop_spawn to be called in process context, leading to a potential use-after-free or other memory corruption [1].
Exploitation
An attacker would need to trigger the unregistration of a crypto instance while it still has active users. The final user's release operation, which may occur in atomic context (e.g., from a softirq a softirq or timer), would then invoke crypto_destroy_instance incorrectly. No special privileges or
Impact
Successful exploitation could allow an attacker to cause a kernel crash (denial of service) or potentially escalate privileges, depending on the memory layout and timing [1].
Mitigation
The fix, merged into the Linux kernel stable tree, defers the freeing of the instance to a work queue, ensuring that crypto_drop_spawn is always called in process context [1]. Users should apply the corresponding kernel update.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
6625bf86bf53e048545d9fc64c4cb61c5f976867a14669096c0dbcebc7f399ae4577bc077Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- git.kernel.org/stable/c/048545d9fc6424b0a11e7e8771225bb9afe09422nvd
- git.kernel.org/stable/c/625bf86bf53eb7a8ee60fb9dc45b272b77e5ce1cnvd
- git.kernel.org/stable/c/867a146690960ac7b89ce40f4ee60dd32eeb1682nvd
- git.kernel.org/stable/c/9ae4577bc077a7e32c3c7d442c95bc76865c0f17nvd
- git.kernel.org/stable/c/c0dbcebc7f390ec7dbe010dcc22c60f0c6bfc26dnvd
- git.kernel.org/stable/c/c4cb61c5f976183c07d16b0071f0c60bc212ef1fnvd
News mentions
0No linked articles in our index yet.