CVE-2023-54151

EPSS 0.02%
Veröffentlicht 24.12.2025 13:07:02
Zuletzt bearbeitet 29.12.2025 15:58:13
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

f2fs: Fix system crash due to lack of free space in LFS

When f2fs tries to checkpoint during foreground gc in LFS mode, system
crash occurs due to lack of free space if the amount of dirty node and
dentry pages generated by data migration exceeds free space.
The reproduction sequence is as follows.

 - 20GiB capacity block device (null_blk)
 - format and mount with LFS mode
 - create a file and write 20,000MiB
 - 4k random write on full range of the file

 RIP: 0010:new_curseg+0x48a/0x510 [f2fs]
 Code: 55 e7 f5 89 c0 48 0f af c3 48 8b 5d c0 48 c1 e8 20 83 c0 01 89 43 6c 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc <0f> 0b f0 41 80 4f 48 04 45 85 f6 0f 84 ba fd ff ff e9 ef fe ff ff
 RSP: 0018:ffff977bc397b218 EFLAGS: 00010246
 RAX: 00000000000027b9 RBX: 0000000000000000 RCX: 00000000000027c0
 RDX: 0000000000000000 RSI: 00000000000027b9 RDI: ffff8c25ab4e74f8
 RBP: ffff977bc397b268 R08: 00000000000027b9 R09: ffff8c29e4a34b40
 R10: 0000000000000001 R11: ffff977bc397b0d8 R12: 0000000000000000
 R13: ffff8c25b4dd81a0 R14: 0000000000000000 R15: ffff8c2f667f9000
 FS: 0000000000000000(0000) GS:ffff8c344ec80000(0000) knlGS:0000000000000000
 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
 CR2: 000000c00055d000 CR3: 0000000e30810003 CR4: 00000000003706e0
 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
 Call Trace:
 <TASK>
 allocate_segment_by_default+0x9c/0x110 [f2fs]
 f2fs_allocate_data_block+0x243/0xa30 [f2fs]
 ? __mod_lruvec_page_state+0xa0/0x150
 do_write_page+0x80/0x160 [f2fs]
 f2fs_do_write_node_page+0x32/0x50 [f2fs]
 __write_node_page+0x339/0x730 [f2fs]
 f2fs_sync_node_pages+0x5a6/0x780 [f2fs]
 block_operations+0x257/0x340 [f2fs]
 f2fs_write_checkpoint+0x102/0x1050 [f2fs]
 f2fs_gc+0x27c/0x630 [f2fs]
 ? folio_mark_dirty+0x36/0x70
 f2fs_balance_fs+0x16f/0x180 [f2fs]

This patch adds checking whether free sections are enough before checkpoint
during gc.

[Jaegeuk Kim: code clean-up]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < f4631d295ae3fff9e240ab78dc17f4b83d14f7bc

Version a9163b947ae8f7af7cb8d63606cd87b9facbfe74

Status affected

Version < ce71c61d661cfac3f097af928995abfcebd2b8c5

Version a9163b947ae8f7af7cb8d63606cd87b9facbfe74

Status affected

Version < d11cef14f8146f3babd286c2cc8ca09c166295e2

Version a9163b947ae8f7af7cb8d63606cd87b9facbfe74

Status affected

Version ec769406d06d5006c40554c4640f6e584ab6ae26

Status affected

Version 8102416c05bb08795b9278a8664f9be827fadbe2

Status affected

Version 938166b2b3051d9965c36f9b5228966d4f198b2a

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.19

Status affected

Version < 5.19

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.058

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/f4631d295ae3fff9e240ab78dc17f4b83d14f7bc

https://git.kernel.org/stable/c/ce71c61d661cfac3f097af928995abfcebd2b8c5

https://git.kernel.org/stable/c/d11cef14f8146f3babd286c2cc8ca09c166295e2

https://nvd.nist.gov/vuln/detail/CVE-2023-54151

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54151

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54151

EUVD