CVE-2023-53081

Summary

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: fix data corruption after failed write

When buffered write fails to copy data into underlying page cache page, ocfs2_write_end_nolock() just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page writeback tries to write this page before write succeeds and expands i_size, page gets into inconsistent state where page dirty bit is clear but buffer dirty bits stay set resulting in page data never getting written and so data copied to the page is lost. Fix the problem by invalidating page beyond EOF after failed write.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7ed80e77c908cbaa686529a49f8ae0060c5caee7 < 1629f6f522b2d058019710466a84b240683bbee3affected
LinuxLinux7ce2b16bad2cbfa3fa7bbc42c4448914f639ca47 < c26f3ff4c0be590c1250f945ac2e4fc5fcdc5f45affected
LinuxLinuxf8a6a2ed4b7d1c3c8631eeb6d00572bc853094a8 < 4c24eb49ab44351424ac8fe8567f91ea48a06089affected
LinuxLinux6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b < 91d7a4bd5656552d6259e2d0f8859f9e8cc5ef68affected
LinuxLinux6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b < a9e53869cb43c96d6d851c491fd4e26430ab6ba6affected
LinuxLinux6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b < 47eb055ad3588fc96d34e9e1dd87b210ce62906baffected
LinuxLinux6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b < 205759c6c18f54659b0b5976b14a52d1b3eb9f57affected
LinuxLinux6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b < 90410bcf873cf05f54a32183afff0161f44f9715affected
LinuxLinuxacef5107e2eacb08a16ad5db60320d65bd26a6c0affected
LinuxLinux36ed9e604215f58cec0381ca5fcc6da05f2d87caaffected
LinuxLinux4.14.204 < 4.14.312affected
LinuxLinux4.19.155 < 4.19.280affected
LinuxLinux5.4.75 < 5.4.240affected
LinuxLinux4.9.242 < 4.10affected
LinuxLinux5.9.5 < 5.10affected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux4.14.312 <= 4.14.*unaffected
LinuxLinux4.19.280 <= 4.19.*unaffected
LinuxLinux5.4.240 <= 5.4.*unaffected
LinuxLinux5.10.177 <= 5.10.*unaffected
LinuxLinux5.15.105 <= 5.15.*unaffected
LinuxLinux6.1.21 <= 6.1.*unaffected
LinuxLinux6.2.8 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References