CVE-2023-53295
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-16
Last updated on: 2025-12-02
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
udf: Do not update file length for failed writes to inline files
When write to inline file fails (or happens only partly), we still
updated length of inline data as if the whole write succeeded. Fix the
update of length of inline data to happen only if the write succeeds.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | to 4.14.308 (exc) |
| linux | linux_kernel | From 4.15 (inc) to 4.19.276 (exc) |
| linux | linux_kernel | From 4.20 (inc) to 5.4.235 (exc) |
| linux | linux_kernel | From 5.5 (inc) to 5.10.173 (exc) |
| linux | linux_kernel | From 5.11 (inc) to 5.15.99 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.16 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.2.3 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's handling of inline files in the udf filesystem. When a write operation to an inline file fails or only partially succeeds, the system incorrectly updates the file length as if the entire write succeeded. The fix ensures that the file length is only updated if the write operation fully succeeds.
How can this vulnerability impact me? :
This vulnerability can lead to incorrect file length metadata after failed or partial writes to inline files, potentially causing data inconsistency or corruption issues in the filesystem.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70