CVE-2023-53269
BaseFortify
Publication date: 2025-09-16
Last updated on: 2025-12-03
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 6.0 (inc) to 6.1.24 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.2.11 (exc) |
| linux | linux_kernel | 6.3 |
| linux | linux_kernel | 6.3 |
| linux | linux_kernel | 6.3 |
| linux | linux_kernel | 6.3 |
| linux | linux_kernel | 6.3 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's block layer involves the ublk component not ensuring that the block size is set correctly. An incorrect block size is critical because it can easily cause the kernel to panic. The fix ensures the block size is properly set and, if parameter validation fails, prevents the disk from being added by clearing the parameters.
How can this vulnerability impact me? :
If exploited or triggered, this vulnerability can cause the Linux kernel to panic, leading to system crashes or instability. This can result in downtime, potential data loss, or disruption of services relying on the affected system.
What immediate steps should I take to mitigate this vulnerability?
Ensure that your Linux kernel is updated to a version where this vulnerability is resolved. Specifically, use a kernel version that includes the fix for correct block size setting in the ublk block layer. If ublk_validate_params() fails, the system should clear ub->params to prevent the disk from being added, avoiding kernel panic. Applying the latest kernel patches or updates from your Linux distribution vendor is the recommended mitigation.