CVE-2023-54209
Unknown Unknown - Not Provided

Debugfs Entries Leakage Vulnerability in Linux Kernel blk_trace

Vulnerability report for CVE-2023-54209, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: block: fix blktrace debugfs entries leakage Commit 99d055b4fd4b ("block: remove per-disk debugfs files in blk_unregister_queue") moves blk_trace_shutdown() from blk_release_queue() to blk_unregister_queue(), this is safe if blktrace is created through sysfs, however, there is a regression in corner case. blktrace can still be enabled after del_gendisk() through ioctl if the disk is opened before del_gendisk(), and if blktrace is not shutdown through ioctl before closing the disk, debugfs entries will be leaked. Fix this problem by shutdown blktrace in disk_release(), this is safe because blk_trace_remove() is reentrant.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-07-06
AI Q&A
2025-12-30
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel *
linux kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a flaw in the Linux kernel's block subsystem related to blktrace debugfs entries. Due to a regression, blktrace can remain enabled after a disk is removed (del_gendisk) if the disk was opened before removal and blktrace was not properly shut down before closing the disk. This causes debugfs entries to be leaked. The fix involves shutting down blktrace in disk_release(), ensuring proper cleanup.

Impact Analysis

The impact of this vulnerability is that debugfs entries related to blktrace can be leaked, potentially leading to resource leakage or unintended exposure of debug information. This could affect system stability or security by leaving debug interfaces accessible longer than intended.

Mitigation Strategies

Apply the patch that fixes the blktrace debugfs entries leakage by ensuring blktrace is properly shutdown in disk_release(). This involves updating the Linux kernel to a version that includes the fix where blk_trace_shutdown() is moved appropriately and blktrace is shutdown in disk_release() to prevent debugfs entries leakage.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54209. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart