CVE-2023-53683
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2023-53683, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-07

Last updated on: 2026-02-26

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode() syzbot is hitting WARN_ON() in hfsplus_cat_{read,write}_inode(), for crafted filesystem image can contain bogus length. There conditions are not kernel bugs that can justify kernel to panic.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-07
Last Modified
2026-02-26
Generated
2026-07-06
AI Q&A
2025-10-07
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-617 The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves the Linux kernel's HFS+ filesystem driver, where the functions hfsplus_cat_read_inode and hfsplus_cat_write_inode could trigger WARN_ON() due to crafted filesystem images containing bogus length values. These conditions are not actual kernel bugs that justify a kernel panic, and the vulnerability has been resolved by removing the WARN_ON() calls from these functions.

Impact Analysis

The vulnerability could cause the Linux kernel to issue warnings (WARN_ON()) when processing specially crafted HFS+ filesystem images, potentially leading to instability or unexpected behavior. However, since these conditions are not considered kernel bugs that justify a kernel panic, the impact is limited to warnings rather than crashes or security breaches.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53683. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart