-
CVE-2023-53294
- EPSS 0.02%
- Published 16.09.2025 08:11:26
- Last modified 16.09.2025 12:49:16
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()
Syzbot reported a null-ptr-deref bug:
ntfs3: loop0: Different NTFS' sector size (1024) and media sector size
(512)
ntfs3: loop0: Mark volume as dirty due to NTFS errors
general protection fault, probably for non-canonical address
0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN
KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]
RIP: 0010:d_flags_for_inode fs/dcache.c:1980 [inline]
RIP: 0010:__d_add+0x5ce/0x800 fs/dcache.c:2796
Call Trace:
<TASK>
d_splice_alias+0x122/0x3b0 fs/dcache.c:3191
lookup_open fs/namei.c:3391 [inline]
open_last_lookups fs/namei.c:3481 [inline]
path_openat+0x10e6/0x2df0 fs/namei.c:3688
do_filp_open+0x264/0x4f0 fs/namei.c:3718
do_sys_openat2+0x124/0x4e0 fs/open.c:1310
do_sys_open fs/open.c:1326 [inline]
__do_sys_open fs/open.c:1334 [inline]
__se_sys_open fs/open.c:1330 [inline]
__x64_sys_open+0x221/0x270 fs/open.c:1330
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
If the MFT record of ntfs inode is not a base record, inode->i_op can be
NULL. And a null-ptr-deref may happen:
ntfs_lookup()
dir_search_u() # inode->i_op is set to NULL
d_splice_alias()
__d_add()
d_flags_for_inode() # inode->i_op->get_link null-ptr-deref
Fix this by adding a Check on inode->i_op before calling the
d_splice_alias() function.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
f8d9e062a695a3665c4635c4f216a75912687598
Version
4342306f0f0d5ff4315a204d315c1b51b914fca5
Status
affected
Version <
d69d5e2a81df94534bdb468bcdd26060fcb7191a
Version
4342306f0f0d5ff4315a204d315c1b51b914fca5
Status
affected
Version <
2ba22cbc6a1cf4b58195adbee0b80262e53992d3
Version
4342306f0f0d5ff4315a204d315c1b51b914fca5
Status
affected
Version <
e78240bc4b94fc42854d65e657bb998100cc8e1b
Version
4342306f0f0d5ff4315a204d315c1b51b914fca5
Status
affected
Version <
254e69f284d7270e0abdc023ee53b71401c3ba0c
Version
4342306f0f0d5ff4315a204d315c1b51b914fca5
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
5.15
Status
affected
Version <
5.15
Version
0
Status
unaffected
Version <=
5.15.*
Version
5.15.112
Status
unaffected
Version <=
6.1.*
Version
6.1.29
Status
unaffected
Version <=
6.2.*
Version
6.2.16
Status
unaffected
Version <=
6.3.*
Version
6.3.3
Status
unaffected
Version <=
*
Version
6.4
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.048 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|