-

CVE-2023-54119

EPSS 0.05%
Veröffentlicht 24.12.2025 13:06:39
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

inotify: Avoid reporting event with invalid wd

In the Linux kernel, the following vulnerability has been resolved:

inotify: Avoid reporting event with invalid wd

When inotify_freeing_mark() races with inotify_handle_inode_event() it
can happen that inotify_handle_inode_event() sees that i_mark->wd got
already reset to -1 and reports this value to userspace which can
confuse the inotify listener. Avoid the problem by validating that wd is
sensible (and pretend the mark got removed before the event got
generated otherwise).

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 10

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 7e790dd5fc937bc8d2400c30a05e32a9e9eef276

Version < 8fb33166aed888769ea63d6af49515893f8a1f14

Status affected

Version 7e790dd5fc937bc8d2400c30a05e32a9e9eef276

Version < 2d65c97777e5b4a845637800d5d7b648f5772106

Status affected

Version 7e790dd5fc937bc8d2400c30a05e32a9e9eef276

Version < 17ad86d8c12220de97e80d88b5b4c934a40e1812

Status affected

Version 7e790dd5fc937bc8d2400c30a05e32a9e9eef276

Version < 145f54ea336b06cf4f92eeee996f2ffca939ea43

Status affected

Version 7e790dd5fc937bc8d2400c30a05e32a9e9eef276

Version < fb3294998489d39835006240e9c6e6b2ac62022e

Status affected

Version 7e790dd5fc937bc8d2400c30a05e32a9e9eef276

Version < a48bacee05860c6089c3482bcdc80720b0ee5732

Status affected

Version 7e790dd5fc937bc8d2400c30a05e32a9e9eef276

Version < c915d8f5918bea7c3962b09b8884ca128bfd9b0c

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.31

Status affected

Version 0

Version < 2.6.31

Status unaffected

Version <= 5.4.*

Version 5.4.243

Status unaffected

Version <= 5.10.*

Version 5.10.180

Status unaffected

Version <= 5.15.*

Version 5.15.112

Status unaffected

Version <= 6.1.*

Version 6.1.29

Status unaffected

Version <= 6.2.*

Version 6.2.16

Status unaffected

Version <= 6.3.*

Version 6.3.3

Status unaffected

Version <= *

Version 6.4

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.144

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/8fb33166aed888769ea63d6af49515893f8a1f14

https://git.kernel.org/stable/c/2d65c97777e5b4a845637800d5d7b648f5772106

https://git.kernel.org/stable/c/17ad86d8c12220de97e80d88b5b4c934a40e1812

https://git.kernel.org/stable/c/145f54ea336b06cf4f92eeee996f2ffca939ea43

https://git.kernel.org/stable/c/fb3294998489d39835006240e9c6e6b2ac62022e

https://git.kernel.org/stable/c/a48bacee05860c6089c3482bcdc80720b0ee5732

https://git.kernel.org/stable/c/c915d8f5918bea7c3962b09b8884ca128bfd9b0c

https://nvd.nist.gov/vuln/detail/CVE-2023-54119

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54119

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54119

EUVD