CVE-2023-53526

EPSS 0.02%
Veröffentlicht 01.10.2025 12:15:57
Zuletzt bearbeitet 02.10.2025 19:11:46
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

jbd2: check 'jh->b_transaction' before removing it from checkpoint

Following process will corrupt ext4 image:
Step 1:
jbd2_journal_commit_transaction
 __jbd2_journal_insert_checkpoint(jh, commit_transaction)
 // Put jh into trans1->t_checkpoint_list
 journal->j_checkpoint_transactions = commit_transaction
 // Put trans1 into journal->j_checkpoint_transactions

Step 2:
do_get_write_access
 test_clear_buffer_dirty(bh) // clear buffer dirty，set jbd dirty
 __jbd2_journal_file_buffer(jh, transaction) // jh belongs to trans2

Step 3:
drop_cache
 journal_shrink_one_cp_list
  jbd2_journal_try_remove_checkpoint
   if (!trylock_buffer(bh))  // lock bh, true
   if (buffer_dirty(bh))     // buffer is not dirty
   __jbd2_journal_remove_checkpoint(jh)
   // remove jh from trans1->t_checkpoint_list

Step 4:
jbd2_log_do_checkpoint
 trans1 = journal->j_checkpoint_transactions
 // jh is not in trans1->t_checkpoint_list
 jbd2_cleanup_journal_tail(journal)  // trans1 is done

Step 5: Power cut, trans2 is not committed, jh is lost in next mounting.

Fix it by checking 'jh->b_transaction' before remove it from checkpoint.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < ef5fea70e5915afd64182d155e72bfb4f275e1fc

Version b832174b7f89df3ebab02f5b485d00127a0e1a6e

Status affected

Version < dbafe636db415299e54d9dfefc1003bda9e71c9d

Version e5c768d809a85e9efd0274b2efe69d4970cc0014

Status affected

Version < 2298f2589903a8bc03061b54b31fd97985ab6529

Version 46f881b5b1758dc4a35fba4a643c10717d0cf427

Status affected

Version < 590a809ff743e7bd890ba5fb36bc38e20a36de53

Version 46f881b5b1758dc4a35fba4a643c10717d0cf427

Status affected

Version 019b59aeb2af6b47d5c8e69c5dc1d731c8df0354

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.5

Status affected

Version < 6.5

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.132

Status unaffected

Version <= 6.1.*

Version 6.1.54

Status unaffected

Version <= 6.5.*

Version 6.5.4

Status unaffected

Version <= *

Version 6.6

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.048

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/2298f2589903a8bc03061b54b31fd97985ab6529

https://git.kernel.org/stable/c/590a809ff743e7bd890ba5fb36bc38e20a36de53

https://git.kernel.org/stable/c/dbafe636db415299e54d9dfefc1003bda9e71c9d

https://git.kernel.org/stable/c/ef5fea70e5915afd64182d155e72bfb4f275e1fc

https://nvd.nist.gov/vuln/detail/CVE-2023-53526

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53526

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53526

EUVD