CVE-2023-53337
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-17

Last updated on: 2025-12-11

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, mark_buffer_dirty() called from nilfs_segctor_do_construct() outputs a warning with some patterns after nilfs2 detects metadata corruption and degrades to read-only mode. After such read-only degeneration, page cache data may be cleared through nilfs_clear_dirty_page() which may also clear the uptodate flag for their buffer heads. However, even after the degeneration, log writes are still performed by unmount processing etc., which causes mark_buffer_dirty() to be called for buffer heads without the "uptodate" flag and causes the warning. Since any writes should not be done to a read-only file system in the first place, this fixes the warning in mark_buffer_dirty() by letting nilfs_segctor_do_construct() abort early if in read-only mode. This also changes the retry check of nilfs_segctor_write_out() to avoid unnecessary log write retries if it detects -EROFS that nilfs_segctor_do_construct() returned.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-17
Last Modified
2025-12-11
Generated
2026-05-27
AI Q&A
2025-09-17
EPSS Evaluated
2026-05-26
NVD
CVE-2023-53337
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
linux linux_kernel to 4.14.315 (exc)
linux linux_kernel From 4.15 (inc) to 4.19.283 (exc)
linux linux_kernel From 4.20 (inc) to 5.4.243 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.180 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.111 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.28 (exc)
linux linux_kernel From 6.2 (inc) to 6.2.15 (exc)
linux linux_kernel From 6.3 (inc) to 6.3.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the nilfs2 file system in the Linux kernel, where after detecting metadata corruption and switching to read-only mode, the system still attempts to write dirty data. Specifically, mark_buffer_dirty() is called improperly after the file system has degenerated to read-only, causing warnings and potential inconsistencies. The fix ensures that no writes occur after degeneration by aborting early if in read-only mode and adjusting retry logic to avoid unnecessary log write attempts.


How can this vulnerability impact me? :

The vulnerability can cause warnings and improper attempts to write data to a file system that has become read-only due to corruption. This may lead to data inconsistencies or unexpected behavior during unmount processing or other log writes, potentially affecting system stability or data integrity.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart