PatchSiren cyber security CVE debrief
CVE-2023-1652 Linux CVE debrief
CVE-2023-1652 is a use-after-free flaw in Linux kernel NFS server code that can let a local attacker crash the system or potentially expose kernel information. NVD lists it as high severity, with low attack complexity but requiring local privileges. The issue affects specific Linux kernel version ranges and is tracked by vendor and third-party advisories.
- Vendor: Linux
- Product: CVE-2023-1652
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2023-03-29
- Original CVE updated: 2026-05-12
- Advisory published: 2023-03-29
- Advisory updated: 2026-05-12
Who should care
Linux kernel maintainers, distribution security teams, system administrators running NFS services, and operators of hosts where local users or untrusted workloads may reach the kernel. This is especially relevant on affected kernel branches listed by NVD, because the flaw is local but can still lead to denial of service or information disclosure.
Technical summary
The flaw is a use-after-free in nfsd4_ssc_setup_dul within fs/nfsd/nfs4proc.c. NVD maps it to CWE-416 and gives it CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H, which describes a local attack path that requires low privileges and can impact confidentiality and availability. NVD’s vulnerable CPE criteria include Linux kernel versions from 5.14 up to 5.15.91, from 5.16 up to 6.1.9, and Linux 6.2 release candidates rc1 through rc4; the record also lists Red Hat Enterprise Linux 9.0 as vulnerable in the provided metadata.
Defensive priority
High. Although exploitation requires local access and some privileges, the kernel-level impact is serious: system crash potential and possible kernel information leak. Prioritize patching or vendor remediation on any host running affected kernel builds, especially NFS-capable systems and multi-tenant environments.
Recommended defensive actions
- Check whether any running Linux kernel falls within the affected ranges listed by NVD, including the 5.14-5.15.91, 5.16-6.1.9, and 6.2-rc1 through rc4 ranges in the advisory metadata.
- Apply the vendor or distribution update referenced in the Red Hat advisory and any downstream security update that includes the fix.
- Review NFS server exposure and limit local access to affected hosts until patched, especially where untrusted users, containers, or workloads may be present.
- Monitor for kernel crashes or unexpected information leakage indicators on systems that cannot be updated immediately.
- Confirm remediation using the vendor advisory and follow any distribution-specific backport guidance rather than relying only on upstream version numbers.
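A sketch of the version check from the first and last actions above, added here as an example and not taken from NVD or any vendor tooling. It classifies `uname -r` strings against the ranges quoted on this page and assumes the upper bounds are inclusive, since the page says "up to" without qualifying it. Hostnames and release strings are constructed sample values.

```python
import re

# Ranges as given on the page (NVD-derived). Assumption: upper bounds are
# treated as inclusive, because the page says "up to" without qualifying it.
STABLE_RANGES = [((5, 14, 0), (5, 15, 91)), ((5, 16, 0), (6, 1, 9))]
RC_SERIES, RC_FIRST, RC_LAST = (6, 2), 1, 4

_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-rc(\d+))?(.*)$")


def classify(release):
    """Classify one `uname -r` string against the page's version ranges."""
    m = _RELEASE.match(release.strip())
    if not m:
        return "unparsed"
    base = (int(m[1]), int(m[2]), int(m[3] or 0))
    rc, suffix = m[4], m[5]
    if rc is not None and base == (*RC_SERIES, 0):
        # Only 6.2-rc1 .. rc4 are listed; later candidates and 6.2 final are not.
        return "in-range" if RC_FIRST <= int(rc) <= RC_LAST else "outside-range"
    if not any(lo <= base <= hi for lo, hi in STABLE_RANGES):
        return "outside-range"
    # A vendor suffix (or a pre-release tag) means the upstream number alone
    # cannot settle it: distributions backport fixes without changing the base.
    return "in-range-confirm" if (suffix or rc is not None) else "in-range"


def triage(releases):
    """Group hosts by the classification of their kernel release."""
    report = {}
    for host, release in releases.items():
        report.setdefault(classify(release), []).append(host)
    return report


# Constructed inventory (hostnames and releases are sample values).
SAMPLE_INVENTORY = {
    "nfs-01": "5.15.90",
    "nfs-02": "5.15.92",
    "nfs-03": "5.14.0-70.13.1.el9_0.x86_64",
    "build-01": "6.2.0-rc3",
    "build-02": "6.2.0-rc5",
    "edge-01": "6.1.10",
}

if __name__ == "__main__":
    for status, hosts in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{status}: {', '.join(sorted(hosts))}")
```

Hosts reported as in-range-confirm run a distribution or pre-release build whose base version falls inside a listed range; the vendor advisory, not the version number, decides whether they carry the fix.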
Evidence notes
This debrief is based only on the supplied NVD-derived record and official reference links. The CVE description states a use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c with possible system crash or kernel information leak. NVD metadata provides the CVSS vector, CWE-416 mapping, vulnerable CPE ranges, and references to Red Hat, NetApp, and Siemens advisories. No exploit steps or unsupported impact claims are included.
Official resources
- CVE-2023-1652 CVE record (CVE.org)
- CVE-2023-1652 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: [email protected] - Issue Tracking, Patch, Third Party Advisory
- Mitigation or vendor reference: [email protected] - Third Party Advisory
- Source reference: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e
CVE published: 2023-03-29T21:15:07.997Z. CVE modified: 2026-05-12T10:16:39.377Z. The timeline here reflects the official CVE/NVD record dates only; no exploit publication or review date is being treated as the issue date. The record is not标