CVE-2023-53091
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ext4: update s_journal_inum if it changes after journal replay
When mounting a crafted ext4 image, s_journal_inum may change after journal replay, which is obviously unreasonable because we have successfully loaded and replayed the journal through the old s_journal_inum. And the new s_journal_inum bypasses some of the checks in ext4_get_journal(), which may trigger a null pointer dereference problem. So if s_journal_inum changes after the journal replay, we ignore the change, and rewrite the current journal_inum to the superblock.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 345c0dbf3a30872d9b204db96b5857cd00808cae < 499fef2030fb754c68b1c7cb3a799a3bc1d0d925 | affected |
| Linux | Linux | 345c0dbf3a30872d9b204db96b5857cd00808cae < 70e66bdeae4d0f7c8e87762f425b68aedd5e8955 | affected |
| Linux | Linux | 345c0dbf3a30872d9b204db96b5857cd00808cae < ee0c5277d4fab920bd31345c49e193ecede9ecef | affected |
| Linux | Linux | 345c0dbf3a30872d9b204db96b5857cd00808cae < 3039d8b8692408438a618fac2776b629852663c3 | affected |
| Linux | Linux | 51890201da4d654f6ca131bc45a0e892bb10de1d | affected |
| Linux | Linux | 7eff961ca9f364be255d279346517ba0158ec8e3 | affected |
| Linux | Linux | a9855260fe8d8680bf8c4f0d8303b696c861e99b | affected |
| Linux | Linux | 795762468125a6412c089651e74f780bee154118 | affected |
| Linux | Linux | 2fd4629de51974002f4e9cf1a35a1926dd6c9d99 | affected |
| Linux | Linux | 3.16.85 < 3.17 | affected |
| Linux | Linux | 4.4.221 < 4.5 | affected |
| Linux | Linux | 4.9.221 < 4.10 | affected |
| Linux | Linux | 4.14.178 < 4.15 | affected |
| Linux | Linux | 4.19.73 < 4.20 | affected |
| Linux | Linux | 5.2 | affected |
| Linux | Linux | 0 < 5.2 | unaffected |
| Linux | Linux | 5.15.104 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.21 <= 6.1.* | unaffected |
| Linux | Linux | 6.2.8 <= 6.2.* | unaffected |
| Linux | Linux | 6.3 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/499fef2030fb754c68b1c7cb3a799a3bc1d0d925
- https://git.kernel.org/stable/c/70e66bdeae4d0f7c8e87762f425b68aedd5e8955
- https://git.kernel.org/stable/c/ee0c5277d4fab920bd31345c49e193ecede9ecef
- https://git.kernel.org/stable/c/3039d8b8692408438a618fac2776b629852663c3
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.