-

CVE-2023-53845

EPSS 0.03%
Veröffentlicht 09.12.2025 01:30:08
Zuletzt bearbeitet 09.12.2025 18:37:13
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix infinite loop in nilfs_mdt_get_block()

If the disk image that nilfs2 mounts is corrupted and a virtual block
address obtained by block lookup for a metadata file is invalid,
nilfs_bmap_lookup_at_level() may return the same internal return code as
-ENOENT, meaning the block does not exist in the metadata file.

This duplication of return codes confuses nilfs_mdt_get_block(), causing
it to read and create a metadata block indefinitely.

In particular, if this happens to the inode metadata file, ifile,
semaphore i_rwsem can be left held, causing task hangs in lock_mount.

Fix this issue by making nilfs_bmap_lookup_at_level() treat virtual block
address translation failures with -ENOENT as metadata corruption instead
of returning the error code.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 12

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < cfb0bb4fbd40c1f06da7e9f88c0a2d46155b90c2

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < d536f9976bb04e9c84cf80045a9355975e418f41

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < fe1cbbcb1a2532ee1654e1ff121be8906d83c6f0

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 8a89d36a07afe1ed4564df51fefa2bb556c85412

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 8d07d9119642ba43d21f8ba64d51d01931096b20

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 25457d07c8146e57d28906c663def033dc425af6

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 34c5f17222b50c79848bb03ec8811648813e6a45

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < 5b29661669cb65b9750a3cf70ed3eaf947b92167

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

Version < a6a491c048882e7e424d407d32cba0b52d9ef2bf

Version 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version <= 4.14.*

Version 4.14.315

Status unaffected

Version <= 4.19.*

Version 4.19.283

Status unaffected

Version <= 5.4.*

Version 5.4.243

Status unaffected

Version <= 5.10.*

Version 5.10.180

Status unaffected

Version <= 5.15.*

Version 5.15.111

Status unaffected

Version <= 6.1.*

Version 6.1.28

Status unaffected

Version <= 6.2.*

Version 6.2.15

Status unaffected

Version <= 6.3.*

Version 6.3.2

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.091

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/cfb0bb4fbd40c1f06da7e9f88c0a2d46155b90c2

https://git.kernel.org/stable/c/d536f9976bb04e9c84cf80045a9355975e418f41

https://git.kernel.org/stable/c/fe1cbbcb1a2532ee1654e1ff121be8906d83c6f0

https://git.kernel.org/stable/c/8a89d36a07afe1ed4564df51fefa2bb556c85412

https://git.kernel.org/stable/c/8d07d9119642ba43d21f8ba64d51d01931096b20

https://git.kernel.org/stable/c/25457d07c8146e57d28906c663def033dc425af6

https://git.kernel.org/stable/c/34c5f17222b50c79848bb03ec8811648813e6a45

https://git.kernel.org/stable/c/5b29661669cb65b9750a3cf70ed3eaf947b92167

https://git.kernel.org/stable/c/a6a491c048882e7e424d407d32cba0b52d9ef2bf

https://nvd.nist.gov/vuln/detail/CVE-2023-53845

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53845

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53845

EUVD