CVE-2023-53683
BaseFortify
Publication date: 2025-10-07
Last updated on: 2026-02-26
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-617 | The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Linux kernel's HFS+ filesystem driver, where the functions hfsplus_cat_read_inode and hfsplus_cat_write_inode could trigger WARN_ON() due to crafted filesystem images containing bogus length values. These conditions are not actual kernel bugs that justify a kernel panic, and the vulnerability has been resolved by removing the WARN_ON() calls from these functions.
How can this vulnerability impact me?
The vulnerability could cause the Linux kernel to issue warnings (WARN_ON()) when processing specially crafted HFS+ filesystem images, potentially leading to instability or unexpected behavior. However, since these conditions are not considered kernel bugs that justify a kernel panic, the impact is limited to warnings rather than crashes or security breaches.