CVE-2023-53796

NONE EPSS 7.4%
Published Dec 9, 2025 6mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix information leak in f2fs_move_inline_dirents()

When converting an inline directory to a regular one, f2fs is leaking uninitialized memory to disk because it doesn't initialize the entire directory block. Fix this by zero-initializing the block.

This bug was introduced by commit 4ec17d688d74 ("f2fs: avoid unneeded initializing when converting inline dentry"), which didn't consider the security implications of leaking uninitialized memory to disk.

This was found by running xfstest generic/435 on a KMSAN-enabled kernel.

Threat Intelligence

EPSS Exploit Probability
7.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 8

  • git.kernel.org https://git.kernel.org/stable/c/00b5587326625d0fddb2a5f5a3d4acd950102ace
  • git.kernel.org https://git.kernel.org/stable/c/117d4f6687b1f74423b5d398ea95c63b262a8e73
  • git.kernel.org https://git.kernel.org/stable/c/2bef8314fcf94ddc27e22d03f237c0fafd00de33
  • git.kernel.org https://git.kernel.org/stable/c/4e3b4b170bd43db1d8a93a6bd0ea434b17cc86f7
  • git.kernel.org https://git.kernel.org/stable/c/9a5571cff4ffcfc24847df9fd545cc5799ac0ee5
  • git.kernel.org https://git.kernel.org/stable/c/a6807ef0f3b3d8508d3b07a2e35de8a91820a014
  • git.kernel.org https://git.kernel.org/stable/c/eebaecef0095bb8f493c03982da75c6e7bae1056
  • git.kernel.org https://git.kernel.org/stable/c/f07a8d61b6ea81bb3cbe0638af40f8824d6147fd

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.