CVE-2023-53163
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-11-24
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.2 |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's NTFS3 file system involves a deadlock issue. Specifically, the code held a lock called ni_lock while calling truncate_setsize(), which could cause a silent deadlock due to interaction with the PG_locked bit. The problem arises because truncate_setsize() waits for the PG_locked bit to clear while ni_lock is held, leading to a hung task. The fix was to avoid holding ni_lock when calling truncate_setsize().
How can this vulnerability impact me?
This vulnerability can cause the Linux kernel to hang or deadlock when handling NTFS file truncation operations, potentially leading to system instability or unresponsiveness during file operations on NTFS file systems.