CVE-2023-54209
Debugfs Entries Leakage Vulnerability in Linux Kernel blk_trace

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

block: fix blktrace debugfs entries leakage

Commit 99d055b4fd4b ("block: remove per-disk debugfs files in blk_unregister_queue") moves blk_trace_shutdown() from blk_release_queue() to blk_unregister_queue(), this is safe if blktrace is created through sysfs, however, there is a regression in corner case.

blktrace can still be enabled after del_gendisk() through ioctl if the disk is opened before del_gendisk(), and if blktrace is not shutdown through ioctl before closing the disk, debugfs entries will be leaked.

Fix this problem by shutdown blktrace in disk_release(), this is safe because blk_trace_remove() is reentrant.
Meta Information
Published: 2025-12-30
Last Modified: 2025-12-30
Generated: 2026-06-16
AI Q&A: 2025-12-30
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
linux | linux_kernel | *
linux | kernel | *
CWE ID Description
CWE-UNKNOWN
Executive Summary

This vulnerability is a flaw in the Linux kernel's block subsystem related to blktrace debugfs entries. Commit 99d055b4fd4b moved blk_trace_shutdown() from blk_release_queue() to blk_unregister_queue(), which introduced a regression in a corner case: if a disk is opened before del_gendisk(), blktrace can still be enabled through ioctl after del_gendisk(), and if it is not shut down through ioctl before the disk is closed, its debugfs entries are leaked. The fix shuts down blktrace in disk_release(), which is safe because blk_trace_remove() is reentrant.

Impact Analysis

The impact of this vulnerability is that debugfs entries related to blktrace can be leaked, potentially leading to resource leakage or unintended exposure of debug information. This could affect system stability or security by leaving debug interfaces accessible longer than intended.

Mitigation Strategies

Update the Linux kernel to a version that includes the fix for the blktrace debugfs entries leakage. The fix shuts down blktrace in disk_release(), so the debugfs entries are removed even when blktrace was enabled through ioctl after del_gendisk().
