-
CVE-2023-53337
- EPSS 0.04%
- Published 17.09.2025 14:56:31
- Last modified 18.09.2025 13:43:34
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, mark_buffer_dirty() called from nilfs_segctor_do_construct() outputs a warning with some patterns after nilfs2 detects metadata corruption and degrades to read-only mode. After such read-only degeneration, page cache data may be cleared through nilfs_clear_dirty_page() which may also clear the uptodate flag for their buffer heads. However, even after the degeneration, log writes are still performed by unmount processing etc., which causes mark_buffer_dirty() to be called for buffer heads without the "uptodate" flag and causes the warning. Since any writes should not be done to a read-only file system in the first place, this fixes the warning in mark_buffer_dirty() by letting nilfs_segctor_do_construct() abort early if in read-only mode. This also changes the retry check of nilfs_segctor_write_out() to avoid unnecessary log write retries if it detects -EROFS that nilfs_segctor_do_construct() returned.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
bd89073fc7a5d03b1d06b372addbe405e5a925f4
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
e9c5412c5972124776c1b873533eb39e287a4dfa
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
4569a292a84e340e97d178898ad1cfe1a3080a61
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
7c3e662048053802f6b0db3a78e97f4e1f7edc4f
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
13f73ef77baa4764dc1ca4fcbae9cade05b83866
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
a73201c607d8e506358d60aafddda4246bdd9350
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
4005cec6847c06ee191583270b7cdd7e696543cc
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
55f7810632f993cff622a0ddbc7c865892294b61
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
Version <
28a65b49eb53e172d23567005465019658bfdb4d
Version
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version <=
4.14.*
Version
4.14.315
Status
unaffected
Version <=
4.19.*
Version
4.19.283
Status
unaffected
Version <=
5.4.*
Version
5.4.243
Status
unaffected
Version <=
5.10.*
Version
5.10.180
Status
unaffected
Version <=
5.15.*
Version
5.15.111
Status
unaffected
Version <=
6.1.*
Version
6.1.28
Status
unaffected
Version <=
6.2.*
Version
6.2.15
Status
unaffected
Version <=
6.3.*
Version
6.3.2
Status
unaffected
Version <=
*
Version
6.4
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.127 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|