CVE-2023-53820
BaseFortify
Publication date: 2025-12-09
Last updated on: 2025-12-09
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel's loop driver occurs because the function loop_set_status_from_info() does not properly check lo->lo_offset and lo->lo_sizelimit before reassigning them. If an overflow error happens, the original correct values are overwritten with incorrect ones and are not restored. Although an ioctl call may return an error after setting these values, subsequent I/O operations still use the incorrect values, potentially causing unexpected behavior or alarms in the loop driver.
How can this vulnerability impact me?
The impact of this vulnerability is that incorrect values for lo_offset and lo_sizelimit may be used during I/O operations in the loop driver, which can lead to unexpected behavior or alarms. This could potentially affect system stability or data integrity when using loop devices, as operations might be performed with invalid offsets or size limits.
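The ordering problem described above, shown as an added user-space model that is not the kernel's code: one setter assigns before checking, the other checks before assigning. The struct and function names are hypothetical, and the model assumes the overflow comes from an unsigned 64-bit request value that does not fit the signed 64-bit field.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model; all names here are hypothetical, not kernel identifiers. */
struct loop_model { int64_t offset, sizelimit; };   /* state used by later I/O */
struct info_model { uint64_t offset, sizelimit; };  /* caller-supplied request */

typedef int (*setter_fn)(struct loop_model *, const struct info_model *);

/* Pattern the page describes: assign first, check afterwards. */
static int set_assign_then_check(struct loop_model *lo, const struct info_model *info)
{
    /* Out-of-range conversion is implementation-defined; gcc/clang wrap. */
    lo->offset = (int64_t)info->offset;
    lo->sizelimit = (int64_t)info->sizelimit;
    if (lo->offset < 0 || lo->sizelimit < 0)
        return -EOVERFLOW;      /* error returned, but state is already overwritten */
    return 0;
}

/* Hardened ordering: validate the request, then commit it. */
static int set_check_then_assign(struct loop_model *lo, const struct info_model *info)
{
    if (info->offset > (uint64_t)INT64_MAX || info->sizelimit > (uint64_t)INT64_MAX)
        return -EOVERFLOW;      /* state untouched on failure */
    lo->offset = (int64_t)info->offset;
    lo->sizelimit = (int64_t)info->sizelimit;
    return 0;
}

/* Applies a constructed bad request; returns 1 if the good state survived. */
static int state_preserved(setter_fn set, int *rc)
{
    struct loop_model lo = { .offset = 4096, .sizelimit = 1048576 };
    struct info_model bad = { .offset = UINT64_MAX, .sizelimit = 512 };
    *rc = set(&lo, &bad);
    return lo.offset == 4096 && lo.sizelimit == 1048576;
}

int main(void)
{
    int rc, kept;
    kept = state_preserved(set_assign_then_check, &rc);
    printf("assign-then-check: rc=%d state_preserved=%d\n", rc, kept);
    kept = state_preserved(set_check_then_assign, &rc);
    printf("check-then-assign: rc=%d state_preserved=%d\n", rc, kept);
    return 0;
}
```

Both setters return the same error code, so a caller cannot tell them apart by return value alone; only the state left behind differs.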