-

CVE-2023-53506

EPSS 0.03%
Published 01.10.2025 12:15:54
Last modified 02.10.2025 19:11:46
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

udf: Do not bother merging very long extents

When merging very long extents we try to push as much length as possible
to the first extent. However this is unnecessarily complicated and not
really worth the trouble. Furthermore there was a bug in the logic
resulting in corrupting extents in the file as syzbot reproducer shows.
So just don't bother with the merging of extents that are too long
together.

Affected products Warnungen 0 Metrics 1 CWE 0 References 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorLinux

≫

Product Linux

Default Statusunaffected

Version < d52252a1de4cf96a34f722b0cd8902d8ff78eb57

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 5d029799d381a9ee06209a222cae75f04c5d5304

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 3d20e3b768aff32112bdce8d3219d923ae75f9f1

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 965982feb333aefa9256c0fe188b5f1b958aef63

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 9a8d602f0723586e668bae7e65c832ceb9bcc8bc

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < adac9ac6d2e04ea0782b91a00ba10706002f3ec4

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 7a965da79f2d22601f329cbfce588386b0847544

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

VendorLinux

≫

Product Linux

Default Statusaffected

Version <= 4.14.*

Version 4.14.308

Status unaffected

Version <= 4.19.*

Version 4.19.276

Status unaffected

Version <= 5.4.*

Version 5.4.235

Status unaffected

Version <= 5.10.*

Version 5.10.173

Status unaffected

Version <= 5.15.*

Version 5.15.99

Status unaffected

Version <= 6.1.*

Version 6.1.16

Status unaffected

Version <= 6.2.*

Version 6.2.3

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.081

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string

https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1

https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced

https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304

https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544

https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63

https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc

https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4

https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57

https://nvd.nist.gov/vuln/detail/CVE-2023-53506

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53506

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53506

EUVD