-

CVE-2023-53224

EPSS 0.03%
Published 15.09.2025 14:21:53
Last modified 15.09.2025 15:22:27
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

ext4: Fix function prototype mismatch for ext4_feat_ktype

With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG),
indirect call targets are validated against the expected function
pointer prototype to make sure the call target is valid to help mitigate
ROP attacks. If they are not identical, there is a failure at run time,
which manifests as either a kernel panic or thread getting killed.

ext4_feat_ktype was setting the "release" handler to "kfree", which
doesn't have a matching function prototype. Add a simple wrapper
with the correct prototype.

This was found as a result of Clang's new -Wcast-function-type-strict
flag, which is more sensitive than the simpler -Wcast-function-type,
which only checks for type width mismatches.

Note that this code is only reached when ext4 is a loadable module and
it is being unloaded:

 CFI failure at kobject_put+0xbb/0x1b0 (target: kfree+0x0/0x180; expected type: 0x7c4aa698)
 ...
 RIP: 0010:kobject_put+0xbb/0x1b0
 ...
 Call Trace:
  <TASK>
  ext4_exit_sysfs+0x14/0x60 [ext4]
  cleanup_module+0x67/0xedb [ext4]

Affected products Warnungen 0 Metrics 1 CWE 0 References 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < 2b69cdd9f9a7f596e3dd31f05f9852940d177924

Version b99fee58a20ab8e0557cce87b6f187e325993142

Status affected

Version < 99e3fd21f8fc975c95e8cf76fbf6a3d2656f8f71

Version b99fee58a20ab8e0557cce87b6f187e325993142

Status affected

Version < 1ba10d3640e9783dad811fe4e24d55465c37c64d

Version b99fee58a20ab8e0557cce87b6f187e325993142

Status affected

Version < c98077f7598a562f51051eec043be0cb3e1b1b5e

Version b99fee58a20ab8e0557cce87b6f187e325993142

Status affected

Version < 0a1394e07c5d6bf1bfc25db8589ff1b1bfb6f46a

Version b99fee58a20ab8e0557cce87b6f187e325993142

Status affected

Version < 94d8de83286fb1827340eba35b61c308f6b46ead

Version b99fee58a20ab8e0557cce87b6f187e325993142

Status affected

Version < 118901ad1f25d2334255b3d50512fa20591531cd

Version b99fee58a20ab8e0557cce87b6f187e325993142

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version 4.16

Status affected

Version < 4.16

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.274

Status unaffected

Version <= 5.4.*

Version 5.4.233

Status unaffected

Version <= 5.10.*

Version 5.10.170

Status unaffected

Version <= 5.15.*

Version 5.15.96

Status unaffected

Version <= 6.1.*

Version 6.1.14

Status unaffected

Version <= 6.2.*

Version 6.2.1

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.078

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/2b69cdd9f9a7f596e3dd31f05f9852940d177924

https://git.kernel.org/stable/c/99e3fd21f8fc975c95e8cf76fbf6a3d2656f8f71

https://git.kernel.org/stable/c/1ba10d3640e9783dad811fe4e24d55465c37c64d

https://git.kernel.org/stable/c/c98077f7598a562f51051eec043be0cb3e1b1b5e

https://git.kernel.org/stable/c/0a1394e07c5d6bf1bfc25db8589ff1b1bfb6f46a

https://git.kernel.org/stable/c/94d8de83286fb1827340eba35b61c308f6b46ead

https://git.kernel.org/stable/c/118901ad1f25d2334255b3d50512fa20591531cd

https://nvd.nist.gov/vuln/detail/CVE-2023-53224

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53224

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53224

EUVD