CVE-2023-53450
BaseFortify

Publication date: 2025-10-01

Last updated on: 2025-10-02

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

ext4: remove a BUG_ON in ext4_mb_release_group_pa()

If a malicious fuzzer overwrites the ext4 superblock while it is mounted such that the s_first_data_block is set to a very large number, the calculation of the block group can underflow, and trigger a BUG_ON check. Change this to be an ext4_warning so that we don't crash the kernel.
Meta Information
Published: 2025-10-01
Last Modified: 2025-10-02
Generated: 2026-06-16
AI Q&A: 2025-10-01
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 1 associated CPE
Vendor: linux
Product: linux_kernel
Version / Range: From 5.15.160 (inc) to 5.16 (inc)
CWE ID: CWE-UNKNOWN
Executive Summary

This vulnerability occurs in the Linux kernel's ext4 filesystem. If a malicious fuzzer overwrites the ext4 superblock while it is mounted and sets the s_first_data_block to a very large number, it can cause an underflow in the calculation of the block group. This triggers a BUG_ON check, which crashes the kernel. The fix changes this BUG_ON to an ext4_warning to prevent the kernel from crashing.
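The underflow and the warn-instead-of-crash handling described above, as an added userspace example (not the kernel's code and not part of the original page). The struct layout, the function names, the blocks_per_group field and all sample values are assumptions made for illustration; only s_first_data_block is named on the page.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace model (assumed layout); only s_first_data_block is named on the page. */
struct sb_model {
    uint32_t s_first_data_block; /* read back from the on-disk superblock */
    uint32_t blocks_per_group;   /* hypothetical field name */
};

/* Block group of a physical block: (blocknr - first data block) / group size.
 * The subtraction is unsigned, so a first-data-block value larger than
 * blocknr wraps around instead of going negative. */
uint32_t block_group_of(const struct sb_model *sb, uint64_t blocknr)
{
    uint64_t rel = blocknr - sb->s_first_data_block;
    return (uint32_t)(rel / sb->blocks_per_group);
}

/* Warn-and-bail form of the consistency check: a group mismatch on a
 * non-empty preallocation is reported and the release is skipped.
 * Returns 0 when consistent, -1 when the mismatch was detected. */
int release_group_pa_checked(const struct sb_model *sb, uint64_t pa_pstart,
                             uint32_t pa_len, uint32_t expected_group)
{
    uint32_t group = block_group_of(sb, pa_pstart);

    if (group != expected_group && pa_len != 0) {
        fprintf(stderr, "warning: bad group: expected %u, got %u, pa_start %llu\n",
                (unsigned)expected_group, (unsigned)group,
                (unsigned long long)pa_pstart);
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample values, not taken from a real filesystem. */
    struct sb_model sane = { 0, 32768 };
    struct sb_model bad  = { 0xFFFFFFF0u, 32768 };
    uint64_t pa_pstart = 100000; /* lies in group 3 when the superblock is sane */

    printf("sane group: %u\n", (unsigned)block_group_of(&sane, pa_pstart));
    printf("bad group:  %u\n", (unsigned)block_group_of(&bad, pa_pstart));
    printf("checked:    %d\n", release_group_pa_checked(&bad, pa_pstart, 16, 3));
    return 0;
}
```

With the sane superblock the computed group matches the expected one; with the overwritten field it does not, which is the condition the original BUG_ON turned into a kernel crash.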

Impact Analysis

This vulnerability can cause the Linux kernel to crash if exploited, leading to a denial of service. An attacker could use a malicious fuzzer to overwrite the ext4 superblock and trigger this condition, potentially disrupting system availability.
