CVE-2023-54140
Kernel Warning and Panic in Linux nilfs2 Due to Buffer Reuse
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in the Linux kernel's nilfs2 filesystem where a kernel warning or panic can happen due to reuse of discarded buffer pointers. Specifically, mark_buffer_dirty() called from certain functions may output a warning or cause a kernel panic if the system is configured to panic on warnings. The issue arises because nilfs2 keeps buffer pointers in local structures and reuses them, but these buffers may have been forcibly discarded in some critical situations. The fix involves checking the buffer's uptodate flag before reuse and reloading metadata if the buffer is no longer valid.
How can this vulnerability impact me? :
This vulnerability can cause kernel warnings or system panics when the kernel attempts to reuse discarded buffers in the nilfs2 filesystem. If the kernel is configured with panic_on_warn, this can lead to system crashes, potentially causing downtime or data unavailability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version that includes the fix for the nilfs2 issue described. The fix involves checking the uptodate flag when reusing internally held buffers and reloading metadata instead of reusing buffers if the flag was lost. Avoid booting the kernel with panic_on_warn enabled until the fix is applied to prevent kernel panic due to warnings.