- CVE-2023-53526
- EPSS 0.02%
- Published 01.10.2025 12:15:57
- Last modified 02.10.2025 19:11:46
- Source 416baaa9-dc9f-4396-8d5f-8c081f
In the Linux kernel, the following vulnerability has been resolved:

jbd2: check 'jh->b_transaction' before removing it from checkpoint

The following process will corrupt an ext4 image:

Step 1:
```
jbd2_journal_commit_transaction
 __jbd2_journal_insert_checkpoint(jh, commit_transaction)
 // Put jh into trans1->t_checkpoint_list
 journal->j_checkpoint_transactions = commit_transaction
 // Put trans1 into journal->j_checkpoint_transactions
```

Step 2:
```
do_get_write_access
 test_clear_buffer_dirty(bh) // clear buffer dirty, set jbd dirty
 __jbd2_journal_file_buffer(jh, transaction) // jh belongs to trans2
```

Step 3:
```
drop_cache
 journal_shrink_one_cp_list
  jbd2_journal_try_remove_checkpoint
   if (!trylock_buffer(bh)) // lock bh, true
   if (buffer_dirty(bh)) // buffer is not dirty
   __jbd2_journal_remove_checkpoint(jh)
   // remove jh from trans1->t_checkpoint_list
```

Step 4:
```
jbd2_log_do_checkpoint
 trans1 = journal->j_checkpoint_transactions
 // jh is not in trans1->t_checkpoint_list
 jbd2_cleanup_journal_tail(journal) // trans1 is done
```

Step 5: Power cut, trans2 is not committed, jh is lost in next mounting.

Fix it by checking 'jh->b_transaction' before removing it from checkpoint.
Linked by AI from unstructured data to existing CPEs in the NVD
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected

Version | Version < | Status |
---|---|---|
b832174b7f89df3ebab02f5b485d00127a0e1a6e | ef5fea70e5915afd64182d155e72bfb4f275e1fc | affected |
e5c768d809a85e9efd0274b2efe69d4970cc0014 | dbafe636db415299e54d9dfefc1003bda9e71c9d | affected |
46f881b5b1758dc4a35fba4a643c10717d0cf427 | 2298f2589903a8bc03061b54b31fd97985ab6529 | affected |
46f881b5b1758dc4a35fba4a643c10717d0cf427 | 590a809ff743e7bd890ba5fb36bc38e20a36de53 | affected |
019b59aeb2af6b47d5c8e69c5dc1d731c8df0354 | | affected |
Vendor: Linux
Product: Linux
Default status: affected

Version | Version bound | Status |
---|---|---|
6.5 | | affected |
0 | < 6.5 | unaffected |
5.15.132 | <= 5.15.* | unaffected |
6.1.54 | <= 6.1.* | unaffected |
6.5.4 | <= 6.5.* | unaffected |
6.6 | <= * | unaffected |
No CISA KEV or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.02% | 0.048 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|