CVE-2023-53317 (GCVE-0-2023-53317)
Vulnerability from cvelistv5
Published
2025-09-16 16:11
Modified
2026-01-14 18:32
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in mb_find_extent Syzbot found the following issue: EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support! EXT4-fs (loop0): orphan cleanup on readonly fs ------------[ cut here ]------------ WARNING: CPU: 1 PID: 5067 at fs/ext4/mballoc.c:1869 mb_find_extent+0x8a1/0xe30 Modules linked in: CPU: 1 PID: 5067 Comm: syz-executor307 Not tainted 6.2.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 RIP: 0010:mb_find_extent+0x8a1/0xe30 fs/ext4/mballoc.c:1869 RSP: 0018:ffffc90003c9e098 EFLAGS: 00010293 RAX: ffffffff82405731 RBX: 0000000000000041 RCX: ffff8880783457c0 RDX: 0000000000000000 RSI: 0000000000000041 RDI: 0000000000000040 RBP: 0000000000000040 R08: ffffffff82405723 R09: ffffed10053c9402 R10: ffffed10053c9402 R11: 1ffff110053c9401 R12: 0000000000000000 R13: ffffc90003c9e538 R14: dffffc0000000000 R15: ffffc90003c9e2cc FS: 0000555556665300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000056312f6796f8 CR3: 0000000022437000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ext4_mb_complex_scan_group+0x353/0x1100 fs/ext4/mballoc.c:2307 ext4_mb_regular_allocator+0x1533/0x3860 fs/ext4/mballoc.c:2735 ext4_mb_new_blocks+0xddf/0x3db0 fs/ext4/mballoc.c:5605 ext4_ext_map_blocks+0x1868/0x6880 fs/ext4/extents.c:4286 ext4_map_blocks+0xa49/0x1cc0 fs/ext4/inode.c:651 ext4_getblk+0x1b9/0x770 fs/ext4/inode.c:864 ext4_bread+0x2a/0x170 fs/ext4/inode.c:920 ext4_quota_write+0x225/0x570 fs/ext4/super.c:7105 write_blk fs/quota/quota_tree.c:64 [inline] get_free_dqblk+0x34a/0x6d0 fs/quota/quota_tree.c:130 do_insert_tree+0x26b/0x1aa0 fs/quota/quota_tree.c:340 do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375 do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375 do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375 dq_insert_tree fs/quota/quota_tree.c:401 [inline] qtree_write_dquot+0x3b6/0x530 fs/quota/quota_tree.c:420 v2_write_dquot+0x11b/0x190 fs/quota/quota_v2.c:358 dquot_acquire+0x348/0x670 fs/quota/dquot.c:444 ext4_acquire_dquot+0x2dc/0x400 fs/ext4/super.c:6740 dqget+0x999/0xdc0 fs/quota/dquot.c:914 __dquot_initialize+0x3d0/0xcf0 fs/quota/dquot.c:1492 ext4_process_orphan+0x57/0x2d0 fs/ext4/orphan.c:329 ext4_orphan_cleanup+0xb60/0x1340 fs/ext4/orphan.c:474 __ext4_fill_super fs/ext4/super.c:5516 [inline] ext4_fill_super+0x81cd/0x8700 fs/ext4/super.c:5644 get_tree_bdev+0x400/0x620 fs/super.c:1282 vfs_get_tree+0x88/0x270 fs/super.c:1489 do_new_mount+0x289/0xad0 fs/namespace.c:3145 do_mount fs/namespace.c:3488 [inline] __do_sys_mount fs/namespace.c:3697 [inline] __se_sys_mount+0x2d3/0x3c0 fs/namespace.c:3674 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd Add some debug information: mb_find_extent: mb_find_extent block=41, order=0 needed=64 next=0 ex=0/41/1@3735929054 64 64 7 block_bitmap: ff 3f 0c 00 fc 01 00 00 d2 3d 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff Acctually, blocks per group is 64, but block bitmap indicate at least has 128 blocks. Now, ext4_validate_block_bitmap() didn't check invalid block's bitmap if set. To resolve above issue, add check like fsck "Padding at end of block bitmap is not set".
References
Impacted products
Vendor Product Version
Linux Linux Version: abcb2947c91130426539f209f7a473a67a1f6663
Version: abcb2947c91130426539f209f7a473a67a1f6663
Version: abcb2947c91130426539f209f7a473a67a1f6663
Version: abcb2947c91130426539f209f7a473a67a1f6663
Version: abcb2947c91130426539f209f7a473a67a1f6663
Version: abcb2947c91130426539f209f7a473a67a1f6663
Version: abcb2947c91130426539f209f7a473a67a1f6663
Version: abcb2947c91130426539f209f7a473a67a1f6663
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-53317",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T18:26:23.171880Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-14T18:32:57.980Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/balloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "775b00ba23f6f916fe2ac60c5ff7fd0fe4f28d0d",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            },
            {
              "lessThan": "1b90fbc7590124c57a2e590de7fd07eba26606f1",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            },
            {
              "lessThan": "5d356d902e9d5b1aaaaf2326d365340fa8a90c1b",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            },
            {
              "lessThan": "d55e76e11592a1d18a179c7fd34ca1b52632beb3",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            },
            {
              "lessThan": "dba62fa84a8eac44a53a2862de8a40e5bdfa0ae3",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            },
            {
              "lessThan": "e4d503c956a744cb59e509ca5f134cfad423c7a3",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            },
            {
              "lessThan": "dd45e536f47a82e0a405f9a4b6c7ceb367171ee9",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            },
            {
              "lessThan": "fa08a7b61dff8a4df11ff1e84abfc214b487caf7",
              "status": "affected",
              "version": "abcb2947c91130426539f209f7a473a67a1f6663",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/balloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.25"
            },
            {
              "lessThan": "2.6.25",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.283",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.243",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.180",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.112",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.29",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.283",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.243",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.180",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.112",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.29",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.16",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.3",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "2.6.25",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix WARNING in mb_find_extent\n\nSyzbot found the following issue:\n\nEXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!\nEXT4-fs (loop0): orphan cleanup on readonly fs\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 5067 at fs/ext4/mballoc.c:1869 mb_find_extent+0x8a1/0xe30\nModules linked in:\nCPU: 1 PID: 5067 Comm: syz-executor307 Not tainted 6.2.0-rc1-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\nRIP: 0010:mb_find_extent+0x8a1/0xe30 fs/ext4/mballoc.c:1869\nRSP: 0018:ffffc90003c9e098 EFLAGS: 00010293\nRAX: ffffffff82405731 RBX: 0000000000000041 RCX: ffff8880783457c0\nRDX: 0000000000000000 RSI: 0000000000000041 RDI: 0000000000000040\nRBP: 0000000000000040 R08: ffffffff82405723 R09: ffffed10053c9402\nR10: ffffed10053c9402 R11: 1ffff110053c9401 R12: 0000000000000000\nR13: ffffc90003c9e538 R14: dffffc0000000000 R15: ffffc90003c9e2cc\nFS:  0000555556665300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056312f6796f8 CR3: 0000000022437000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ext4_mb_complex_scan_group+0x353/0x1100 fs/ext4/mballoc.c:2307\n ext4_mb_regular_allocator+0x1533/0x3860 fs/ext4/mballoc.c:2735\n ext4_mb_new_blocks+0xddf/0x3db0 fs/ext4/mballoc.c:5605\n ext4_ext_map_blocks+0x1868/0x6880 fs/ext4/extents.c:4286\n ext4_map_blocks+0xa49/0x1cc0 fs/ext4/inode.c:651\n ext4_getblk+0x1b9/0x770 fs/ext4/inode.c:864\n ext4_bread+0x2a/0x170 fs/ext4/inode.c:920\n ext4_quota_write+0x225/0x570 fs/ext4/super.c:7105\n write_blk fs/quota/quota_tree.c:64 [inline]\n get_free_dqblk+0x34a/0x6d0 fs/quota/quota_tree.c:130\n do_insert_tree+0x26b/0x1aa0 fs/quota/quota_tree.c:340\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\n dq_insert_tree fs/quota/quota_tree.c:401 [inline]\n qtree_write_dquot+0x3b6/0x530 fs/quota/quota_tree.c:420\n v2_write_dquot+0x11b/0x190 fs/quota/quota_v2.c:358\n dquot_acquire+0x348/0x670 fs/quota/dquot.c:444\n ext4_acquire_dquot+0x2dc/0x400 fs/ext4/super.c:6740\n dqget+0x999/0xdc0 fs/quota/dquot.c:914\n __dquot_initialize+0x3d0/0xcf0 fs/quota/dquot.c:1492\n ext4_process_orphan+0x57/0x2d0 fs/ext4/orphan.c:329\n ext4_orphan_cleanup+0xb60/0x1340 fs/ext4/orphan.c:474\n __ext4_fill_super fs/ext4/super.c:5516 [inline]\n ext4_fill_super+0x81cd/0x8700 fs/ext4/super.c:5644\n get_tree_bdev+0x400/0x620 fs/super.c:1282\n vfs_get_tree+0x88/0x270 fs/super.c:1489\n do_new_mount+0x289/0xad0 fs/namespace.c:3145\n do_mount fs/namespace.c:3488 [inline]\n __do_sys_mount fs/namespace.c:3697 [inline]\n __se_sys_mount+0x2d3/0x3c0 fs/namespace.c:3674\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nAdd some debug information:\nmb_find_extent: mb_find_extent block=41, order=0 needed=64 next=0 ex=0/41/1@3735929054 64 64 7\nblock_bitmap: ff 3f 0c 00 fc 01 00 00 d2 3d 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\nAcctually, blocks per group is 64, but block bitmap indicate at least has\n128 blocks. Now, ext4_validate_block_bitmap() didn\u0027t check invalid block\u0027s\nbitmap if set.\nTo resolve above issue, add check like fsck \"Padding at end of block bitmap is\nnot set\"."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T10:19:22.898Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/775b00ba23f6f916fe2ac60c5ff7fd0fe4f28d0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/1b90fbc7590124c57a2e590de7fd07eba26606f1"
        },
        {
          "url": "https://git.kernel.org/stable/c/5d356d902e9d5b1aaaaf2326d365340fa8a90c1b"
        },
        {
          "url": "https://git.kernel.org/stable/c/d55e76e11592a1d18a179c7fd34ca1b52632beb3"
        },
        {
          "url": "https://git.kernel.org/stable/c/dba62fa84a8eac44a53a2862de8a40e5bdfa0ae3"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4d503c956a744cb59e509ca5f134cfad423c7a3"
        },
        {
          "url": "https://git.kernel.org/stable/c/dd45e536f47a82e0a405f9a4b6c7ceb367171ee9"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa08a7b61dff8a4df11ff1e84abfc214b487caf7"
        }
      ],
      "title": "ext4: fix WARNING in mb_find_extent",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53317",
    "datePublished": "2025-09-16T16:11:53.877Z",
    "dateReserved": "2025-09-16T16:08:59.563Z",
    "dateUpdated": "2026-01-14T18:32:57.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-53317\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-14T18:26:23.171880Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-14T18:26:19.152Z\"}}], \"cna\": {\"title\": \"ext4: fix WARNING in mb_find_extent\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"775b00ba23f6f916fe2ac60c5ff7fd0fe4f28d0d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"1b90fbc7590124c57a2e590de7fd07eba26606f1\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"5d356d902e9d5b1aaaaf2326d365340fa8a90c1b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"d55e76e11592a1d18a179c7fd34ca1b52632beb3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"dba62fa84a8eac44a53a2862de8a40e5bdfa0ae3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"e4d503c956a744cb59e509ca5f134cfad423c7a3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"dd45e536f47a82e0a405f9a4b6c7ceb367171ee9\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"abcb2947c91130426539f209f7a473a67a1f6663\", \"lessThan\": \"fa08a7b61dff8a4df11ff1e84abfc214b487caf7\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/ext4/balloc.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"2.6.25\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"4.19.283\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.19.*\"}, {\"status\": \"unaffected\", \"version\": \"5.4.243\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.180\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.112\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.29\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.2.16\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.2.*\"}, {\"status\": \"unaffected\", \"version\": \"6.3.3\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.3.*\"}, {\"status\": \"unaffected\", \"version\": \"6.4\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/ext4/balloc.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/775b00ba23f6f916fe2ac60c5ff7fd0fe4f28d0d\"}, {\"url\": \"https://git.kernel.org/stable/c/1b90fbc7590124c57a2e590de7fd07eba26606f1\"}, {\"url\": \"https://git.kernel.org/stable/c/5d356d902e9d5b1aaaaf2326d365340fa8a90c1b\"}, {\"url\": \"https://git.kernel.org/stable/c/d55e76e11592a1d18a179c7fd34ca1b52632beb3\"}, {\"url\": \"https://git.kernel.org/stable/c/dba62fa84a8eac44a53a2862de8a40e5bdfa0ae3\"}, {\"url\": \"https://git.kernel.org/stable/c/e4d503c956a744cb59e509ca5f134cfad423c7a3\"}, {\"url\": \"https://git.kernel.org/stable/c/dd45e536f47a82e0a405f9a4b6c7ceb367171ee9\"}, {\"url\": \"https://git.kernel.org/stable/c/fa08a7b61dff8a4df11ff1e84abfc214b487caf7\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\next4: fix WARNING in mb_find_extent\\n\\nSyzbot found the following issue:\\n\\nEXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!\\nEXT4-fs (loop0): orphan cleanup on readonly fs\\n------------[ cut here ]------------\\nWARNING: CPU: 1 PID: 5067 at fs/ext4/mballoc.c:1869 mb_find_extent+0x8a1/0xe30\\nModules linked in:\\nCPU: 1 PID: 5067 Comm: syz-executor307 Not tainted 6.2.0-rc1-syzkaller #0\\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\\nRIP: 0010:mb_find_extent+0x8a1/0xe30 fs/ext4/mballoc.c:1869\\nRSP: 0018:ffffc90003c9e098 EFLAGS: 00010293\\nRAX: ffffffff82405731 RBX: 0000000000000041 RCX: ffff8880783457c0\\nRDX: 0000000000000000 RSI: 0000000000000041 RDI: 0000000000000040\\nRBP: 0000000000000040 R08: ffffffff82405723 R09: ffffed10053c9402\\nR10: ffffed10053c9402 R11: 1ffff110053c9401 R12: 0000000000000000\\nR13: ffffc90003c9e538 R14: dffffc0000000000 R15: ffffc90003c9e2cc\\nFS:  0000555556665300(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\\nCR2: 000056312f6796f8 CR3: 0000000022437000 CR4: 00000000003506e0\\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\\nCall Trace:\\n \u003cTASK\u003e\\n ext4_mb_complex_scan_group+0x353/0x1100 fs/ext4/mballoc.c:2307\\n ext4_mb_regular_allocator+0x1533/0x3860 fs/ext4/mballoc.c:2735\\n ext4_mb_new_blocks+0xddf/0x3db0 fs/ext4/mballoc.c:5605\\n ext4_ext_map_blocks+0x1868/0x6880 fs/ext4/extents.c:4286\\n ext4_map_blocks+0xa49/0x1cc0 fs/ext4/inode.c:651\\n ext4_getblk+0x1b9/0x770 fs/ext4/inode.c:864\\n ext4_bread+0x2a/0x170 fs/ext4/inode.c:920\\n ext4_quota_write+0x225/0x570 fs/ext4/super.c:7105\\n write_blk fs/quota/quota_tree.c:64 [inline]\\n get_free_dqblk+0x34a/0x6d0 fs/quota/quota_tree.c:130\\n do_insert_tree+0x26b/0x1aa0 fs/quota/quota_tree.c:340\\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\\n do_insert_tree+0x722/0x1aa0 fs/quota/quota_tree.c:375\\n dq_insert_tree fs/quota/quota_tree.c:401 [inline]\\n qtree_write_dquot+0x3b6/0x530 fs/quota/quota_tree.c:420\\n v2_write_dquot+0x11b/0x190 fs/quota/quota_v2.c:358\\n dquot_acquire+0x348/0x670 fs/quota/dquot.c:444\\n ext4_acquire_dquot+0x2dc/0x400 fs/ext4/super.c:6740\\n dqget+0x999/0xdc0 fs/quota/dquot.c:914\\n __dquot_initialize+0x3d0/0xcf0 fs/quota/dquot.c:1492\\n ext4_process_orphan+0x57/0x2d0 fs/ext4/orphan.c:329\\n ext4_orphan_cleanup+0xb60/0x1340 fs/ext4/orphan.c:474\\n __ext4_fill_super fs/ext4/super.c:5516 [inline]\\n ext4_fill_super+0x81cd/0x8700 fs/ext4/super.c:5644\\n get_tree_bdev+0x400/0x620 fs/super.c:1282\\n vfs_get_tree+0x88/0x270 fs/super.c:1489\\n do_new_mount+0x289/0xad0 fs/namespace.c:3145\\n do_mount fs/namespace.c:3488 [inline]\\n __do_sys_mount fs/namespace.c:3697 [inline]\\n __se_sys_mount+0x2d3/0x3c0 fs/namespace.c:3674\\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\\n\\nAdd some debug information:\\nmb_find_extent: mb_find_extent block=41, order=0 needed=64 next=0 ex=0/41/1@3735929054 64 64 7\\nblock_bitmap: ff 3f 0c 00 fc 01 00 00 d2 3d 00 00 00 00 00 00 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\\n\\nAcctually, blocks per group is 64, but block bitmap indicate at least has\\n128 blocks. Now, ext4_validate_block_bitmap() didn\u0027t check invalid block\u0027s\\nbitmap if set.\\nTo resolve above issue, add check like fsck \\\"Padding at end of block bitmap is\\nnot set\\\".\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"4.19.283\", \"versionStartIncluding\": \"2.6.25\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.243\", \"versionStartIncluding\": \"2.6.25\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.180\", \"versionStartIncluding\": \"2.6.25\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.112\", \"versionStartIncluding\": \"2.6.25\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.29\", \"versionStartIncluding\": \"2.6.25\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.2.16\", \"versionStartIncluding\": \"2.6.25\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.3.3\", \"versionStartIncluding\": \"2.6.25\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.4\", \"versionStartIncluding\": \"2.6.25\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-01-05T10:19:22.898Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-53317\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-14T18:32:57.980Z\", \"dateReserved\": \"2025-09-16T16:08:59.563Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2025-09-16T16:11:53.877Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.