CVE-2023-53990
Description
In the Linux kernel, the following vulnerability has been resolved:
SMB3: Add missing locks to protect deferred close file list
cifs_del_deferred_close function has a critical section which modifies the deferred close file list. We must acquire deferred_lock before calling cifs_del_deferred_close function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Missing lock protection in cifs_del_deferred_close leads to a race condition on the deferred close file list in the Linux kernel's SMB3 client.
Vulnerability
CVE-2023-53990 is a missing lock vulnerability in the Linux kernel's CIFS (SMB3) client file system (cifs). The function cifs_del_deferred_close modifies the deferred close file list without holding the deferred_lock mutex. This critical section must be protected to prevent concurrent access from corrupting the list [1][2].
Exploitation
An attacker with local access and the ability to trigger SMB3 file operations (e.g., opening and closing files) could exploit this race condition. The attack requires the attacker to be able to execute code on the system and cause concurrent calls to the deferred close path. No special network position is required beyond local user access.
Impact
Successful exploitation could lead to a use-after-free or list corruption, potentially resulting in a kernel crash (denial of service) or, in some cases, arbitrary code execution with kernel privileges. The vulnerability is classified as a high-severity issue due to the missing synchronization.
Mitigation
The fix adds the necessary deferred_lock acquisition before calling cifs_del_deferred_close. Patches have been applied to the stable kernel trees [1][2]. Users should update to the latest kernel versions to mitigate the risk.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
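The locking contract behind the fix, as an added userspace C model (not the kernel patch and not code from the cited commits): the list helpers refuse to modify the list unless the caller holds the lock, so a call site that forgets the lock is caught instead of silently racing. All names are hypothetical, and the lock is a plain flag so the run is deterministic; it models the contract, not real mutual exclusion.

```c
#include <stdbool.h>
/* Userspace model; every name here is hypothetical, not a kernel structure. */
struct dclose { struct dclose *prev, *next; };
struct inode_model {
    struct dclose head;  /* circular list head, in the style of list_head */
    bool lock_held;      /* stands in for the state of deferred_lock */
    int violations;      /* list changes attempted without the lock */
};
static void model_init(struct inode_model *m) {
    m->head.prev = m->head.next = &m->head;
    m->lock_held = false; m->violations = 0;
}
static void model_lock(struct inode_model *m)   { m->lock_held = true; }
static void model_unlock(struct inode_model *m) { m->lock_held = false; }
/* Both list helpers refuse to touch the list unless the lock is held. */
static bool model_add(struct inode_model *m, struct dclose *e) {
    if (!m->lock_held) { m->violations++; return false; }
    e->next = &m->head; e->prev = m->head.prev;
    m->head.prev->next = e; m->head.prev = e;
    return true;
}
static bool model_del(struct inode_model *m, struct dclose *e) {
    if (!m->lock_held) { m->violations++; return false; }
    e->prev->next = e->next; e->next->prev = e->prev;
    e->prev = e->next = e;  /* detach so a repeated delete is harmless */
    return true;
}
static int model_len(const struct inode_model *m) {
    int n = 0;
    for (const struct dclose *e = m->head.next; e != &m->head; e = e->next) n++;
    return n;
}
/* Call site shaped like the code before the fix: no lock around the helper. */
static bool close_unlocked(struct inode_model *m, struct dclose *e) { return model_del(m, e); }
/* Call site shaped like the fix: take the lock, delete, release. */
static bool close_locked(struct inode_model *m, struct dclose *e) {
    model_lock(m); bool ok = model_del(m, e); model_unlock(m);
    return ok;
}

/* Returns 0 when the unlocked delete was rejected and the locked one worked. */
static int run_scenario(void) {
    struct inode_model m; struct dclose a, b;
    model_init(&m);
    model_lock(&m); model_add(&m, &a); model_add(&m, &b); model_unlock(&m);
    close_unlocked(&m, &a);  /* rejected: counted as a violation, list intact */
    close_locked(&m, &a);    /* accepted: entry removed under the lock */
    return (m.violations == 1 && model_len(&m) == 1) ? 0 : 1;
}
int main(void) { return run_scenario(); }
```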
Affected products
1
Patches
5
- 0f87e18203bd
- 3aa9d065b068
- cb36365dac25
- 32a046ccaeea
- ab9ddc87a905
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5
- git.kernel.org/stable/c/0f87e18203bd30f71eb1a65259e28e291b6cc43a (nvd)
- git.kernel.org/stable/c/32a046ccaeea6c19965c04a4c521e703f6607924 (nvd)
- git.kernel.org/stable/c/3aa9d065b0685b4e6052f3f2a2462966fdc44fd2 (nvd)
- git.kernel.org/stable/c/ab9ddc87a9055c4bebd6524d5d761d605d52e557 (nvd)
- git.kernel.org/stable/c/cb36365dac25d546ca4af0eb22acb43c9b4ddfdf (nvd)