CVE-2023-53440
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-18

Last updated on: 2025-12-11

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysfs entries, potentially leading to null pointer dereferences, use-after-free, and lockdep warnings. Some of the sysfs attributes for nilfs2 per-filesystem instance refer to metadata file "cpfile", "sufile", or "dat", but nilfs_sysfs_create_device_group that creates those attributes is executed before the inodes for these metadata files are loaded, and nilfs_sysfs_delete_device_group which deletes these sysfs entries is called after releasing their metadata file inodes. Therefore, access to some of these sysfs attributes may occur outside of the lifetime of these metadata files, resulting in inode NULL pointer dereferences or use-after-free. In addition, the call to nilfs_sysfs_create_device_group() is made during the locking period of the semaphore "ns_sem" of nilfs object, so the shrinker call caused by the memory allocation for the sysfs entries, may derive lock dependencies "ns_sem" -> (shrinker) -> "locks acquired in nilfs_evict_inode()". Since nilfs2 may acquire "ns_sem" deep in the call stack holding other locks via its error handler __nilfs_error(), this causes lockdep to report circular locking. This is a false positive and no circular locking actually occurs as no inodes exist yet when nilfs_sysfs_create_device_group() is called. Fortunately, the lockdep warnings can be resolved by simply moving the call to nilfs_sysfs_create_device_group() out of "ns_sem". This fixes these sysfs issues by revising where the device's sysfs interface is created/deleted and keeping its lifetime within the lifetime of the metadata files above.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-18
Last Modified
2025-12-11
Generated
2026-05-07
AI Q&A
2025-09-18
EPSS Evaluated
2026-05-05
NVD
CVE-2023-53440
Affected Vendors & Products
Showing 12 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 3.17 (inc) to 4.14.313 (exc)
linux linux_kernel From 4.15 (inc) to 4.19.281 (exc)
linux linux_kernel From 4.20 (inc) to 5.4.241 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.178 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.107 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.24 (exc)
linux linux_kernel From 6.2 (inc) to 6.2.11 (exc)
linux linux_kernel 6.3
linux linux_kernel 6.3
linux linux_kernel 6.3
linux linux_kernel 6.3
linux linux_kernel 6.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-476 The product dereferences a pointer that it expects to be valid but is NULL.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in the Linux kernel's nilfs2 sysfs interface arises from improper timing in creating and deleting sysfs entries related to metadata files (cpfile, sufile, dat). The sysfs attributes are created before the metadata file inodes are loaded and deleted after their inodes are released, which can lead to null pointer dereferences, use-after-free errors, and lockdep warnings. Additionally, the creation of these sysfs entries occurs while holding a semaphore lock (ns_sem), causing false positive circular locking warnings. The fix involves adjusting when the sysfs interface is created and deleted to ensure it only exists during the lifetime of the metadata files, preventing these issues.


How can this vulnerability impact me? :

This vulnerability can cause system instability or crashes due to null pointer dereferences and use-after-free errors in the kernel. It may also trigger lock dependency warnings (lockdep), which can complicate debugging and system maintenance. While the circular locking warnings are false positives, the underlying timing issues could potentially lead to kernel faults affecting system reliability.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version where the nilfs2 sysfs interface lifetime issue has been fixed. This fix involves changes to the creation and deletion timing of sysfs entries related to nilfs2, preventing null pointer dereferences, use-after-free, and lockdep warnings. Applying the official kernel patch or upgrading to a kernel release that includes this fix is recommended.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart