
CVE-2023-53339

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix BUG_ON condition in btrfs_cancel_balance

Pausing and canceling balance can race to interrupt balance, leading to a BUG_ON
panic in btrfs_cancel_balance. The BUG_ON condition in btrfs_cancel_balance
does not take this race scenario into account.

However, the race condition has no other side effects. We can fix that.

Reproducing it with panic trace like this:

  kernel BUG at fs/btrfs/volumes.c:4618!
  RIP: 0010:btrfs_cancel_balance+0x5cf/0x6a0
  Call Trace:
   <TASK>
   ? do_nanosleep+0x60/0x120
   ? hrtimer_nanosleep+0xb7/0x1a0
   ? sched_core_clone_cookie+0x70/0x70
   btrfs_ioctl_balance_ctl+0x55/0x70
   btrfs_ioctl+0xa46/0xd20
   __x64_sys_ioctl+0x7d/0xa0
   do_syscall_64+0x38/0x80
   entry_SYSCALL_64_after_hwframe+0x63/0xcd

  Race scenario as follows:
  > mutex_unlock(&fs_info->balance_mutex);
  > --------------------
  > .......issue pause and cancel req in another thread
  > --------------------
  > ret = __btrfs_balance(fs_info);
  >
  > mutex_lock(&fs_info->balance_mutex);
  > if (ret == -ECANCELED && atomic_read(&fs_info->balance_pause_req)) {
  >         btrfs_info(fs_info, "balance: paused");
  >         btrfs_exclop_balance(fs_info, BTRFS_EXCLOP_BALANCE_PAUSED);
  > }

Data provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default Status: unaffected

| Version < | Version | Status |
|---|---|---|
| 7c93b89cd46636b5e74c12fa21dd86167bc6ea8d | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| a0a462a0f20926918d6009f0b4b25673e883fc98 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| bd7bef82ce0e929ef4cf63a34990545aaca28077 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| b966e9e1e250dfdb41a7f41775faea4a37af923c | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| ceb9ba8e30833a4823e2dc73f80ebcdf2498d01a | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| ae81329f7de3aa6f34ecdfa5412e72161a30e9ce | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |
| 29eefa6d0d07e185f7bfe9576f91e6dba98189c2 | 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 | affected |

Vendor: Linux
Product: Linux
Default Status: affected

| Version <= | Version | Status |
|---|---|---|
| 4.19.* | 4.19.293 | unaffected |
| 5.4.* | 5.4.255 | unaffected |
| 5.10.* | 5.10.192 | unaffected |
| 5.15.* | 5.15.128 | unaffected |
| 6.1.* | 6.1.47 | unaffected |
| 6.4.* | 6.4.12 | unaffected |
| * | 6.5 | unaffected |
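As an added example (not part of the CVE record or of the kernel project's code), the release-number ranges listed above can be applied to a `uname -r` string as follows. The function names are hypothetical, and the check assumes the release string follows upstream stable numbering; a distribution kernel that backports the fix under an older version number has to be checked against the vendor's advisory instead.

```python
import re

# First unaffected patch level per stable branch, copied from the
# "unaffected" rows of the record above.
FIXED_IN_BRANCH = {
    (4, 19): 293,
    (5, 4): 255,
    (5, 10): 192,
    (5, 15): 128,
    (6, 1): 47,
    (6, 4): 12,
}
# The record lists 6.5 and everything after it ("<= *") as unaffected.
FIXED_MAINLINE = (6, 5)


def parse_release(release):
    """Turn a `uname -r` style string into (major, minor, patch)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def is_affected(release):
    """True when the record's ranges mark this upstream version as affected.

    Assumption: upstream version numbering; distro backports are not detected.
    """
    major, minor, patch = parse_release(release)
    if (major, minor) >= FIXED_MAINLINE:
        return False
    fixed_patch = FIXED_IN_BRANCH.get((major, minor))
    if fixed_patch is None:
        # No "unaffected" row for this branch (for example 6.2 or 4.14),
        # so the record's default status, "affected", applies.
        return True
    return patch < fixed_patch


if __name__ == "__main__":
    import platform
    rel = platform.release()  # only meaningful when run on Linux
    verdict = "affected" if is_affected(rel) else "not affected"
    print(f"{rel}: {verdict} by upstream version number")
```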
No CISA KEV or CERT.AT warning was found for this CVE.

EPSS Metrics

| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.078 |

CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|