Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2023-53528
CVE-2023-53528:
Linux Kernel vulnerability analysis and mitigation
Overview
CVE-2023-53528 is a vulnerability discovered in the Linux kernel's RDMA/rxe subsystem, reported on October 1, 2025. The vulnerability specifically affects the queue pair (QP) cleanup code in the RDMA/rxe component (NVD, Ubuntu).
Technical details
The vulnerability occurs when the create_qp operation does not fully succeed, leading to a potential segmentation fault during cleanup. Specifically, the QP cleanup code attempts to drain the send or recv work queues before these queues have been properly created. The fix involves implementing a check to verify the existence of queues before attempting to drain them (NVD).
Impact
If exploited, this vulnerability can cause a segmentation fault in the Linux kernel, potentially leading to system crashes or denial of service conditions (Red Hat).
Mitigation and workarounds
A patch has been developed that adds verification of queue existence before attempting drain operations. System administrators are advised to update their Linux kernel to a version that includes this fix (NVD).
Additional resources
Source: This report was generated using AI
Related Linux Kernel vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management