CVE-2023-53337

MEDIUM EPSS 8.7%
Published Sep 17, 20259mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Sep 17, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, mark_buffer_dirty() called from nilfs_segctor_do_construct() outputs a warning with some patterns after nilfs2 detects metadata corruption and degrades to read-only mode. After such read-only degeneration, page cache data may be cleared through nilfs_clear_dirty_page() which may also clear the uptodate flag for their buffer heads. However, even after the degeneration, log writes are still performed by unmount processing etc., which causes mark_buffer_dirty() to be called for buffer heads without the "uptodate" flag and causes the warning. Since any writes should not be done to a read-only file system in the first place, this fixes the warning in mark_buffer_dirty() by letting nilfs_segctor_do_construct() abort early if in read-only mode. This also changes the retry check of nilfs_segctor_write_out() to avoid unnecessary log write retries if it detects -EROFS that nilfs_segctor_do_construct() returned.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel* <4.14.315
linuxlinux_kernel*≥4.15  –  <4.19.283
linuxlinux_kernel*≥4.20  –  <5.4.243
linuxlinux_kernel*≥5.5  –  <5.10.180
linuxlinux_kernel*≥5.11  –  <5.15.111
linuxlinux_kernel*≥5.16  –  <6.1.28
linuxlinux_kernel*≥6.2  –  <6.2.15
linuxlinux_kernel*≥6.3  –  <6.3.2

References 9

  • git.kernel.org https://git.kernel.org/stable/c/13f73ef77baa4764dc1ca4fcbae9cade05b83866
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/28a65b49eb53e172d23567005465019658bfdb4d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4005cec6847c06ee191583270b7cdd7e696543cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4569a292a84e340e97d178898ad1cfe1a3080a61
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/55f7810632f993cff622a0ddbc7c865892294b61
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c3e662048053802f6b0db3a78e97f4e1f7edc4f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a73201c607d8e506358d60aafddda4246bdd9350
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd89073fc7a5d03b1d06b372addbe405e5a925f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9c5412c5972124776c1b873533eb39e287a4dfa
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/13f73ef77baa4764dc1ca4fcbae9cade05b83866
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/28a65b49eb53e172d23567005465019658bfdb4d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4005cec6847c06ee191583270b7cdd7e696543cc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4569a292a84e340e97d178898ad1cfe1a3080a61
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/55f7810632f993cff622a0ddbc7c865892294b61
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7c3e662048053802f6b0db3a78e97f4e1f7edc4f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a73201c607d8e506358d60aafddda4246bdd9350
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bd89073fc7a5d03b1d06b372addbe405e5a925f4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e9c5412c5972124776c1b873533eb39e287a4dfa
    Patch