CVE-2023-53224

MEDIUM EPSS 4.2%
Published Sep 15, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 15, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix function prototype mismatch for ext4_feat_ktype With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid to help mitigate ROP attacks. If they are not identical, there is a failure at run time, which manifests as either a kernel panic or thread getting killed. ext4_feat_ktype was setting the "release" handler to "kfree", which doesn't have a matching function prototype. Add a simple wrapper with the correct prototype. This was found as a result of Clang's new -Wcast-function-type-strict flag, which is more sensitive than the simpler -Wcast-function-type, which only checks for type width mismatches. Note that this code is only reached when ext4 is a loadable module and it is being unloaded: CFI failure at kobject_put+0xbb/0x1b0 (target: kfree+0x0/0x180; expected type: 0x7c4aa698) ... RIP: 0010:kobject_put+0xbb/0x1b0 ... Call Trace: <TASK> ext4_exit_sysfs+0x14/0x60 [ext4] cleanup_module+0x67/0xedb [ext4]

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
4.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥4.16  –  <4.19.274
linuxlinux_kernel*≥4.20  –  <5.4.233
linuxlinux_kernel*≥5.5  –  <5.10.170
linuxlinux_kernel*≥5.11  –  <5.15.96
linuxlinux_kernel*≥5.16  –  <6.1.14
linuxlinux_kernel*≥6.2  –  <6.2.1

References 7

  • git.kernel.org https://git.kernel.org/stable/c/0a1394e07c5d6bf1bfc25db8589ff1b1bfb6f46a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/118901ad1f25d2334255b3d50512fa20591531cd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1ba10d3640e9783dad811fe4e24d55465c37c64d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2b69cdd9f9a7f596e3dd31f05f9852940d177924
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/94d8de83286fb1827340eba35b61c308f6b46ead
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/99e3fd21f8fc975c95e8cf76fbf6a3d2656f8f71
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c98077f7598a562f51051eec043be0cb3e1b1b5e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0a1394e07c5d6bf1bfc25db8589ff1b1bfb6f46a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/118901ad1f25d2334255b3d50512fa20591531cd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1ba10d3640e9783dad811fe4e24d55465c37c64d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2b69cdd9f9a7f596e3dd31f05f9852940d177924
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/94d8de83286fb1827340eba35b61c308f6b46ead
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/99e3fd21f8fc975c95e8cf76fbf6a3d2656f8f71
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c98077f7598a562f51051eec043be0cb3e1b1b5e
    Patch