How to fix EUVD-2025-32319?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Vendor patch is available.

Is Linux Kernel affected by EUVD-2025-32319?

CVE-2023-53557 presents moderate security risk rated CVSS 5.5. Exploitation could compromise the security of affected deployments. A patch is available and should be applied during regular vulnerability management.

EUVD-2025-32319

| CVE-2023-53557 MEDIUM

2025-10-04 416baaa9-dc9f-4396-8d5f-8c081fb06d67

5.5

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Patch Released

Mar 21, 2026 - 00:59 nvd

Patch available

Analysis Generated

Mar 13, 2026 - 19:56 vuln.today

EUVD ID Assigned

Mar 13, 2026 - 19:56 euvd

EUVD-2025-32319

CVE Published

Oct 04, 2025 - 16:15 nvd

MEDIUM 5.5

Description

In the Linux kernel, the following vulnerability has been resolved: fprobe: Release rethook after the ftrace_ops is unregistered While running bpf selftests it's possible to get following fault: general protection fault, probably for non-canonical address \ 0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC NOPTI ... Call Trace: <TASK> fprobe_handler+0xc1/0x270 ? __pfx_bpf_testmod_init+0x10/0x10 ? __pfx_bpf_testmod_init+0x10/0x10 ? bpf_fentry_test1+0x5/0x10 ? bpf_fentry_test1+0x5/0x10 ? bpf_testmod_init+0x22/0x80 ? do_one_initcall+0x63/0x2e0 ? rcu_is_watching+0xd/0x40 ? kmalloc_trace+0xaf/0xc0 ? do_init_module+0x60/0x250 ? __do_sys_finit_module+0xac/0x120 ? do_syscall_64+0x37/0x90 ? entry_SYSCALL_64_after_hwframe+0x72/0xdc </TASK> In unregister_fprobe function we can't release fp->rethook while it's possible there are some of its users still running on another cpu. Moving rethook_free call after fp->ops is unregistered with unregister_ftrace_function call.

Analysis

CVE-2023-53557 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

Technical Context

Vulnerability type not specified by vendor.

Affected Products

['Unspecified product']

Remediation

Apply the vendor-supplied patch immediately.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +28

POC: 0

Vendor Status

EUVD-2025-32319 vulnerability details – vuln.today

Back

EUVD-2025-32319

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

EUVD-2025-32319

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Vendor Status

Share

External POC / Exploit Code