CVE-2023-53826
ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()
Description
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() Wear-leveling entry could be freed in error path, which may be accessed again in eraseblk_count_seq_show(), for example: __erase_worker eraseblk_count_seq_show wl = ubi->lookuptbl[*block_number] if (wl) wl_entry_destroy ubi->lookuptbl[e->pnum] = NULL kmem_cache_free(ubi_wl_entry_slab, e) erase_count = wl->ec // UAF! Wear-leveling entry updating/accessing in ubi->lookuptbl should be protected by ubi->wl_lock, fix it by adding ubi->wl_lock to serialize wl entry accessing between wl_entry_destroy() and eraseblk_count_seq_show(). Fetch a reproducer in [Link].
INFO
Published Date :
Dec. 9, 2025, 4:17 p.m.
Last Modified :
Dec. 9, 2025, 6:37 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Apply the provided patch to the Linux kernel.
- Update the Linux kernel to a secure version.
- Review and test kernel wear-leveling logic.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2023-53826.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2023-53826 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2023-53826
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-53826 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2023-53826 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Dec. 09, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() Wear-leveling entry could be freed in error path, which may be accessed again in eraseblk_count_seq_show(), for example: __erase_worker eraseblk_count_seq_show wl = ubi->lookuptbl[*block_number] if (wl) wl_entry_destroy ubi->lookuptbl[e->pnum] = NULL kmem_cache_free(ubi_wl_entry_slab, e) erase_count = wl->ec // UAF! Wear-leveling entry updating/accessing in ubi->lookuptbl should be protected by ubi->wl_lock, fix it by adding ubi->wl_lock to serialize wl entry accessing between wl_entry_destroy() and eraseblk_count_seq_show(). Fetch a reproducer in [Link]. Added Reference https://git.kernel.org/stable/c/1cb14c06d6035539ef4215c4ba0871aea71d7c38 Added Reference https://git.kernel.org/stable/c/3f9b63dfce44a7c3c095dd93d910408e07ab1845 Added Reference https://git.kernel.org/stable/c/79548ccdd992707879b4b683b7251c58ddf26f12 Added Reference https://git.kernel.org/stable/c/84250da1c63cb7d421a3b4812b5c2ce2e47d31a1 Added Reference https://git.kernel.org/stable/c/84253f3c2dad6be10d30c92626c763d9a9f512ad Added Reference https://git.kernel.org/stable/c/9d448dd6bcb61a508204b57ea1f454ba9bac2f24 Added Reference https://git.kernel.org/stable/c/a100de2974d208cfca032179b02ed4d1a0a7f143 Added Reference https://git.kernel.org/stable/c/a240bc5c43130c6aa50831d7caaa02a1d84e1bce