Wiz
Vulnerability DatabaseCVE-2023-52992

CVE-2023-52992
Linux Kernel vulnerability analysis and mitigation

Overview

CVE-2023-52992 is a vulnerability in the Linux kernel that was discovered and disclosed on March 27, 2025. The vulnerability affects the BPF (Berkeley Packet Filter) subsystem, specifically in the sendsignalcommon() function's handling of tasks with PID 1 (NVD CVE).

Technical details

The vulnerability occurs when a task with PID 1 (typically the init/systemd process) attaches a BPF program that attempts to send a killing signal to itself. This triggers a kernel panic with the message 'Attempted to kill init!' and a specific call trace through various kernel functions including dumpstack, panic, doexit, and signal handling routines. The issue was resolved by implementing a skip mechanism for tasks with PID 1 in the bpfsendsignal_common() function (NVD CVE).

Impact

When exploited, this vulnerability causes a kernel panic, effectively crashing the system. This results in a denial of service condition as the system becomes unresponsive and requires a restart. The impact is particularly significant as it affects PID 1, which is a critical system process (NVD CVE).

Mitigation and workarounds

The vulnerability has been patched by implementing a check to skip tasks with PID 1 in the bpfsendsignal_common() function. Users should update their Linux kernel to a version that includes this fix (NVD CVE).

Additional resources

SourceThis report was generated using AI

Related Linux Kernel vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-40205HIGH7.8
  • Linux KernelLinux Kernel
  • linux-gcp-5.4
NoYesNov 12, 2025
CVE-2025-40211HIGH7.1
  • Linux KernelLinux Kernel
  • linux-gcp-6.8
NoYesNov 21, 2025
CVE-2025-40206MEDIUM5.5
  • Linux KernelLinux Kernel
  • kernel-zfcpdump-modules-extra
NoYesNov 12, 2025
CVE-2025-40210MEDIUM5.1
  • Linux KernelLinux Kernel
  • kernel-rt-64k-modules
NoYesNov 21, 2025
CVE-2025-40212N/AN/A
  • Linux KernelLinux Kernel
  • linux-azure-6.14
NoYesNov 24, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo