CVE-2023-53120

MEDIUM

Linux Kernel - Use-After-Free in SCSI MPI3MR Config Page DMA Handling

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix config page DMA memory leak A fix for: DMA-API: pci 0000:83:00.0: device driver has pending DMA allocations while released from device [count=1]

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/dca06ccf13de14e144d34f158f73ae0032f80e63

Patch

https://git.kernel.org/stable/c/5fc4d698ed4b6507be2eb36d040a678adcb89da4

Patch

https://git.kernel.org/stable/c/7d2b02172b6a2ae6aecd7ef6480b9c4bf3dc59f4

Scores

CVSS v3 5.5

EPSS 0.0016

EPSS Percentile 5.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (10)

Linux/Linux < 6.1

Linux/Linux 32d457d5a2af9bf5ddbe28297eabf1fc93451665 - 5fc4d698ed4b6507be2eb36d040a678adcb89da4

Linux/Linux 32d457d5a2af9bf5ddbe28297eabf1fc93451665 - 7d2b02172b6a2ae6aecd7ef6480b9c4bf3dc59f4

Linux/Linux 32d457d5a2af9bf5ddbe28297eabf1fc93451665 - dca06ccf13de14e144d34f158f73ae0032f80e63

Linux/Linux 6.1

Linux/Linux 6.1.21 - 6.1.*

Linux/Linux 6.2.8 - 6.2.*

Linux/Linux 6.3

linux/linux_kernel 6.3 rc1 (2 CPE variants)

linux/linux_kernel 6.1 - 6.1.21

Published May 02, 2025

Tracked Since Feb 18, 2026