CVE-2023-54132
Unknown Unknown - Not Provided
Invalid Cluster Offset in Linux EROFS Causes Kernel Page Fault

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image [1] with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 ~ lclustersize-1, which causes the following unexpected behavior as below: BUG: unable to handle page fault for address: fffff52101a3fff9 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 23ffed067 P4D 23ffed067 PUD 0 Oops: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 4398 Comm: kworker/u5:1 Not tainted 6.3.0-rc6-syzkaller-g09a9639e56c0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023 Workqueue: erofs_worker z_erofs_decompressqueue_work RIP: 0010:z_erofs_decompress_queue+0xb7e/0x2b40 ... Call Trace: <TASK> z_erofs_decompressqueue_work+0x99/0xe0 process_one_work+0x8f6/0x1170 worker_thread+0xa63/0x1210 kthread+0x270/0x300 ret_from_fork+0x1f/0x30 Note that normal images or images using compact indexes are not impacted. Let's fix this now. [1] https://lore.kernel.org/r/[email protected]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-05-06
AI Q&A
2025-12-24
EPSS Evaluated
2026-05-05
NVD
CVE-2023-54132
EUVD
EUVD-2023-60313
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel 6.3.0-rc6
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :

This vulnerability can cause the Linux kernel to crash (kernel panic) when processing specially crafted erofs images with invalid cluster offsets. This leads to denial of service by making the system unstable or unresponsive. Systems using erofs with non-compact HEAD indexes could be exploited to trigger this behavior.


Can you explain this vulnerability to me?

This vulnerability occurs in the Linux kernel's erofs filesystem driver. It involves improper handling of a non-compact HEAD index with an invalid cluster offset (clusterofs). Specifically, when a crafted image contains a non-compact HEAD index with a clusterofs value outside the valid range (0 to lclustersize-1), it causes the kernel to encounter a page fault and crash due to supervisor read access in kernel mode. Normal images or those using compact indexes are not affected.


What immediate steps should I take to mitigate this vulnerability?

The vulnerability is resolved by stopping parsing of non-compact HEAD index if clusterofs is invalid in the erofs filesystem code of the Linux kernel. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart