CVE-2023-53295
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-12-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline data to happen only if the write succeeds.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-12-02
Generated
2026-06-16
AI Q&A
2025-09-16
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53295
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
linux linux_kernel to 4.14.308 (exc)
linux linux_kernel From 4.15 (inc) to 4.19.276 (exc)
linux linux_kernel From 4.20 (inc) to 5.4.235 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.173 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.99 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.16 (exc)
linux linux_kernel From 6.2 (inc) to 6.2.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is in the Linux kernel's handling of inline files in the udf filesystem. When a write operation to an inline file fails or only partially succeeds, the system incorrectly updates the file length as if the entire write succeeded. The fix ensures that the file length is only updated if the write operation fully succeeds.

Impact Analysis

This vulnerability can lead to incorrect file length metadata after failed or partial writes to inline files, potentially causing data inconsistency or corruption issues in the filesystem.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53295. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart