CVE-2023-54182

EPSS 0.03%
Veröffentlicht 30.12.2025 12:08:53
Zuletzt bearbeitet 31.12.2025 20:43:05
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to check readonly condition correctly

With below case, it can mount multi-device image w/ rw option, however
one of secondary device is set as ro, later update will cause panic, so
let's introduce f2fs_dev_is_readonly(), and check multi-devices rw status
in f2fs_remount() w/ it in order to avoid such inconsistent mount status.

mkfs.f2fs -c /dev/zram1 /dev/zram0 -f
blockdev --setro /dev/zram1
mount -t f2fs dev/zram0 /mnt/f2fs
mount: /mnt/f2fs: WARNING: source write-protected, mounted read-only.
mount -t f2fs -o remount,rw mnt/f2fs
dd if=/dev/zero  of=/mnt/f2fs/file bs=1M count=8192

kernel BUG at fs/f2fs/inline.c:258!
RIP: 0010:f2fs_write_inline_data+0x23e/0x2d0 [f2fs]
Call Trace:
  f2fs_write_single_data_page+0x26b/0x9f0 [f2fs]
  f2fs_write_cache_pages+0x389/0xa60 [f2fs]
  __f2fs_write_data_pages+0x26b/0x2d0 [f2fs]
  f2fs_write_data_pages+0x2e/0x40 [f2fs]
  do_writepages+0xd3/0x1b0
  __writeback_single_inode+0x5b/0x420
  writeback_sb_inodes+0x236/0x5a0
  __writeback_inodes_wb+0x56/0xf0
  wb_writeback+0x2a3/0x490
  wb_do_writeback+0x2b2/0x330
  wb_workfn+0x6a/0x260
  process_one_work+0x270/0x5e0
  worker_thread+0x52/0x3e0
  kthread+0xf4/0x120
  ret_from_fork+0x29/0x50

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < e2759a59a4cc96af712084e9db7065c858c4fe9f

Version f824deb54b683165b953371a0529446c723ef6d6

Status affected

Version < e05d63f8b48aad4613bd582c945bee41e2dd7255

Version f824deb54b683165b953371a0529446c723ef6d6

Status affected

Version < da8c535b28696017e5d1532d12ea78e836432d9e

Version f824deb54b683165b953371a0529446c723ef6d6

Status affected

Version < d78dfefcde9d311284434560d69c0478c55a657e

Version f824deb54b683165b953371a0529446c723ef6d6

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.2

Status affected

Version < 5.2

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.30

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.063

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/e2759a59a4cc96af712084e9db7065c858c4fe9f

https://git.kernel.org/stable/c/e05d63f8b48aad4613bd582c945bee41e2dd7255

https://git.kernel.org/stable/c/da8c535b28696017e5d1532d12ea78e836432d9e

https://git.kernel.org/stable/c/d78dfefcde9d311284434560d69c0478c55a657e

https://nvd.nist.gov/vuln/detail/CVE-2023-54182

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54182

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54182

EUVD