CVE-2023-53845
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfs_mdt_get_block() If the disk image that nilfs2 mounts is corrupted and a virtual block address obtained by block lookup for a metadata file is invalid, nilfs_bmap_lookup_at_level() may return the same internal return code as -ENOENT, meaning the block does not exist in the metadata file. This duplication of return codes confuses nilfs_mdt_get_block(), causing it to read and create a metadata block indefinitely. In particular, if this happens to the inode metadata file, ifile, semaphore i_rwsem can be left held, causing task hangs in lock_mount. Fix this issue by making nilfs_bmap_lookup_at_level() treat virtual block address translation failures with -ENOENT as metadata corruption instead of returning the error code.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-06-16
AI Q&A
2025-12-10
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53845
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, update the Linux kernel to a version where the nilfs2 infinite loop issue in nilfs_mdt_get_block() is fixed. This update addresses the handling of virtual block address translation failures to prevent indefinite metadata block creation and potential task hangs.

Executive Summary

This vulnerability occurs in the Linux kernel's nilfs2 filesystem. When mounting a corrupted disk image, an internal function may return the same error code for two different issues, causing another function to enter an infinite loop reading and creating metadata blocks. This can lead to a semaphore being left held, which causes tasks to hang during mount operations.

Impact Analysis

The vulnerability can cause system tasks to hang during mount operations due to an infinite loop and a semaphore being left held. This can lead to system instability or denial of service conditions when accessing corrupted nilfs2 filesystems.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53845. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart