CVE-2023-53695

Summary

In the Linux kernel, the following vulnerability has been resolved:

udf: Detect system inodes linked into directory hierarchy

When UDF filesystem is corrupted, hidden system inodes can be linked into directory hierarchy which is an avenue for further serious corruption of the filesystem and kernel confusion as noticed by syzbot fuzzed images. Refuse to access system inodes linked into directory hierarchy and vice versa.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6174c2eb8ecef271159bdcde460ce8af54d8f72f < 1dc71eeb198a8daa17d0c995998a53b0b749a158affected
LinuxLinux6174c2eb8ecef271159bdcde460ce8af54d8f72f < d747b31e2925a2f384e7dd1901a2e5bc5f984ed8affected
LinuxLinux6174c2eb8ecef271159bdcde460ce8af54d8f72f < a44ec34b90440ada190924f5908b97026504fdcdaffected
LinuxLinux6174c2eb8ecef271159bdcde460ce8af54d8f72f < 37e74003d81e79457535cbbdfa1603431c03fac0affected
LinuxLinux6174c2eb8ecef271159bdcde460ce8af54d8f72f < 1f328751b65c49c13a312d67a3bf27766b85baf7affected
LinuxLinux6174c2eb8ecef271159bdcde460ce8af54d8f72f < 9e3b5ef7d02eaa6553e79b4af9bd99227280f245affected
LinuxLinux6174c2eb8ecef271159bdcde460ce8af54d8f72f < 85a37983ec69cc9fcd188bc37c4de15ee326355aaffected
LinuxLinux801c7a20d255e300ab51a6fcb1d0e218d136b16faffected
LinuxLinux3.17.2 < 3.18affected
LinuxLinux3.18affected
LinuxLinux0 < 3.18unaffected
LinuxLinux4.19.278 <= 4.19.*unaffected
LinuxLinux5.4.235 <= 5.4.*unaffected
LinuxLinux5.10.173 <= 5.10.*unaffected
LinuxLinux5.15.99 <= 5.15.*unaffected
LinuxLinux6.1.16 <= 6.1.*unaffected
LinuxLinux6.2.3 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References