CVE-2023-53149

EPSS 0.03%
Veröffentlicht 15.09.2025 14:03:13
Zuletzt bearbeitet 15.09.2025 15:22:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

ext4: avoid deadlock in fs reclaim with page writeback

Ext4 has a filesystem wide lock protecting ext4_writepages() calls to
avoid races with switching of journalled data flag or inode format. This
lock can however cause a deadlock like:

CPU0                            CPU1

ext4_writepages()
  percpu_down_read(sbi->s_writepages_rwsem);
                                ext4_change_inode_journal_flag()
                                  percpu_down_write(sbi->s_writepages_rwsem);
                                    - blocks, all readers block from now on
  ext4_do_writepages()
    ext4_init_io_end()
      kmem_cache_zalloc(io_end_cachep, GFP_KERNEL)
        fs_reclaim frees dentry...
          dentry_unlink_inode()
            iput() - last ref =>
              iput_final() - inode dirty =>
                write_inode_now()...
                  ext4_writepages() tries to acquire sbi->s_writepages_rwsem
                    and blocks forever

Make sure we cannot recurse into filesystem reclaim from writeback code
to avoid the deadlock.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 2ec97dc90df40c50e509809dc9a198638a7e18b6

Version c8585c6fcaf2011de54c3592e80a634a2b9e1a7f

Status affected

Version < 4b4340bf04ce9a52061f15000ecedd126abc093c

Version c8585c6fcaf2011de54c3592e80a634a2b9e1a7f

Status affected

Version < 00d873c17e29cc32d90ca852b82685f1673acaa5

Version c8585c6fcaf2011de54c3592e80a634a2b9e1a7f

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.7

Status affected

Version < 4.7

Version 0

Status unaffected

Version <= 6.2.*

Version 6.2.16

Status unaffected

Version <= 6.3.*

Version 6.3.3

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.08

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/2ec97dc90df40c50e509809dc9a198638a7e18b6

https://git.kernel.org/stable/c/4b4340bf04ce9a52061f15000ecedd126abc093c

https://git.kernel.org/stable/c/00d873c17e29cc32d90ca852b82685f1673acaa5

https://nvd.nist.gov/vuln/detail/CVE-2023-53149

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53149

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53149

EUVD