CVE-2023-53593 in Linux

Summary

by MITRE • 10/04/2025

In the Linux kernel, the following vulnerability has been resolved:

cifs: Release folio lock on fscache read hit.

Under the current code, when cifs_readpage_worker is called, the call contract is that the callee should unlock the page. This is documented in the read_folio section of Documentation/filesystems/vfs.rst as:

> The filesystem should unlock the folio once the read has completed,
> whether it was successful or not.

Without this change, when fscache is in use and a cache hit occurs during a read, the page lock is leaked, producing the following stack on subsequent reads (via mmap) to the page:

$ cat /proc/3890/task/12864/stack
[<0>] folio_wait_bit_common+0x124/0x350
[<0>] filemap_read_folio+0xad/0xf0
[<0>] filemap_fault+0x8b1/0xab0
[<0>] __do_fault+0x39/0x150
[<0>] do_fault+0x25c/0x3e0
[<0>] __handle_mm_fault+0x6ca/0xc70
[<0>] handle_mm_fault+0xe9/0x350
[<0>] do_user_addr_fault+0x225/0x6c0
[<0>] exc_page_fault+0x84/0x1b0
[<0>] asm_exc_page_fault+0x27/0x30

This requires a reboot to resolve; it is a deadlock.

Note however that the call to cifs_readpage_from_fscache does mark the page clean, but does not free the folio lock. This happens in __cifs_readpage_from_fscache on success. Releasing the lock at that point however is not appropriate as cifs_readahead also calls cifs_readpage_from_fscache and *does* unconditionally release the lock after its return. This change therefore effectively makes cifs_readpage_worker work like cifs_readahead.

Analysis

by VulDB Data Team • 04/28/2026

The vulnerability CVE-2023-53593 affects the Linux kernel's CIFS (Common Internet File System) implementation and represents a critical locking mechanism failure that leads to system deadlock conditions. This issue specifically manifests when fscache is enabled and a cache hit occurs during file read operations, creating a scenario where folio locks become permanently acquired without proper release. The problem stems from a violation of the Virtual File System (VFS) layer contract that explicitly requires filesystem implementations to unlock folios once read operations complete, regardless of success or failure status. According to CWE-667, this represents an improper lock release vulnerability that directly impacts system availability and stability.

The technical flaw occurs within the cifs_readpage_worker function where the expected behavior of releasing folio locks upon completion is not properly implemented. When fscache operations encounter a cache hit during read requests, the system fails to release the folio lock that was acquired during the initial read attempt. This creates a deadlock condition that manifests in the kernel stack trace showing folio_wait_bit_common waiting indefinitely for a lock that will never be released. The issue is particularly insidious because it affects memory mapping operations via mmap calls, making it difficult to identify and resolve without a system reboot. This vulnerability directly relates to ATT&CK technique T1490 which involves creating or manipulating system resources to cause denial of service conditions.

The operational impact of this vulnerability extends beyond simple system instability to include complete system lockup scenarios that require manual intervention through reboot operations. The deadlock condition prevents subsequent read operations on the affected pages from completing, effectively rendering the filesystem access unusable until system restart occurs. This creates significant operational challenges in production environments where continuous availability is critical, and the need for manual intervention increases system maintenance overhead and potential data loss risks. The vulnerability affects systems using CIFS with fscache functionality, particularly those in enterprise environments where file caching mechanisms are commonly employed for performance optimization.

Mitigation strategies for CVE-2023-53593 require immediate kernel updates to apply the patched code that properly releases folio locks in all code paths. The fix implements a consistent approach where cifs_readpage_worker behaves similarly to cifs_readahead by ensuring proper lock release regardless of whether the operation succeeds or fails. Organizations should prioritize patching systems running affected kernel versions, particularly those using CIFS filesystems with fscache enabled. Additionally, monitoring should be implemented to detect potential deadlock conditions, and system administrators should consider disabling fscache temporarily if immediate patching is not feasible. The vulnerability highlights the importance of proper lock management in kernel-level filesystem implementations and underscores the necessity of following established VFS contracts to prevent system-level availability issues.
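The lock contract and the shape of the fix described above, as an added userspace model in C (not kernel source and not the patch itself). `struct folio`, `read_from_cache`, `worker_buggy`, `worker_fixed` and `readahead_model` are hypothetical stand-ins; the model shows the lock leaked on a cache hit, the worker that unlocks on every path, and why unlocking inside the shared cache helper would make the readahead-style caller unlock twice.

```c
/* Userspace model of the folio-lock contract (constructed; not kernel source). */
#include <stdbool.h>
#include <stdio.h>
struct folio { bool locked, uptodate; int bad_unlocks; };
static void folio_lock(struct folio *f) { f->locked = true; }
static void folio_unlock(struct folio *f) {
    if (!f->locked) f->bad_unlocks++;   /* unlocking an unlocked folio is a bug */
    f->locked = false;
}

/* Stand-in for cifs_readpage_from_fscache; returns 0 on a cache hit.
 * unlock_on_hit models the rejected option of unlocking inside the helper. */
static int read_from_cache(struct folio *f, bool hit, bool unlock_on_hit) {
    if (!hit) return -1;
    f->uptodate = true;
    if (unlock_on_hit) folio_unlock(f);
    return 0;
}

/* Pre-fix worker shape: the cache-hit path returns with the lock still held. */
static void worker_buggy(struct folio *f, bool hit) {
    if (read_from_cache(f, hit, false) == 0)
        return;                         /* lock leaked */
    f->uptodate = true;                 /* assumed: read from server succeeded */
    folio_unlock(f);
}

/* Post-fix worker shape: every exit path unlocks, as the readahead caller does. */
static void worker_fixed(struct folio *f, bool hit) {
    if (read_from_cache(f, hit, false) != 0)
        f->uptodate = true;             /* assumed: read from server succeeded */
    folio_unlock(f);
}

/* Readahead-style caller: unlocks unconditionally after the helper returns. */
static void readahead_model(struct folio *f, bool hit, bool unlock_on_hit) {
    read_from_cache(f, hit, unlock_on_hit);
    folio_unlock(f);
}

int main(void) {
    struct folio a = {0}, b = {0}, c = {0};
    folio_lock(&a); worker_buggy(&a, true);
    folio_lock(&b); worker_fixed(&b, true);
    folio_lock(&c); readahead_model(&c, true, true);
    printf("buggy locked=%d, fixed locked=%d, helper-unlock double unlocks=%d\n",
           a.locked, b.locked, c.bad_unlocks);
    return 0;
}
```

A folio left locked by the buggy worker is what a later reader would wait on forever in the real kernel; the model only records the state instead of blocking.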

Responsible: Linux
Reservation: 10/04/2025
Disclosure: 10/04/2025
Moderation: accepted
CPE: ready
EPSS: 0.00132
KEV: no
Activities: very low
