CVE-2023-53163

Summary

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: don't hold ni_lock when calling truncate_setsize()

syzbot is reporting hung task at do_user_addr_fault() [1], for there is a silent deadlock between PG_locked bit and ni_lock lock.

Since filemap_update_page() calls filemap_read_folio() after calling folio_trylock() which will set PG_locked bit, ntfs_truncate() must not call truncate_setsize() which will wait for PG_locked bit to be cleared when holding ni_lock lock.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4342306f0f0d5ff4315a204d315c1b51b914fca5 < 8414983c2e649364d8af29080a0869266b31abb6affected
LinuxLinux4342306f0f0d5ff4315a204d315c1b51b914fca5 < 6bb6b1c6b0c31e36736b87a39dd1cbbd9d5ec22faffected
LinuxLinux4342306f0f0d5ff4315a204d315c1b51b914fca5 < 73fee7e1e5ea11b51c51c46e0577a197ca3602cfaffected
LinuxLinux4342306f0f0d5ff4315a204d315c1b51b914fca5 < 0226635c304cfd5c9db9b78c259cb713819b057eaffected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.87 <= 5.15.*unaffected
LinuxLinux6.0.19 <= 6.0.*unaffected
LinuxLinux6.1.5 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References