CVE-2023-54311
Unknown Unknown - Not Provided
Deadlock Vulnerability in Linux ext4 Inline Directory Conversion

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock when converting an inline directory in nojournal mode In no journal mode, ext4_finish_convert_inline_dir() can self-deadlock by calling ext4_handle_dirty_dirblock() when it already has taken the directory lock. There is a similar self-deadlock in ext4_incvert_inline_data_nolock() for data files which we'll fix at the same time. A simple reproducer demonstrating the problem: mke2fs -Fq -t ext2 -O inline_data -b 4k /dev/vdc 64 mount -t ext4 -o dirsync /dev/vdc /vdc cd /vdc mkdir file0 cd file0 touch file0 touch file1 attr -s BurnSpaceInEA -V abcde . touch supercalifragilisticexpialidocious
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
2026-06-15
NVD
CVE-2023-54311
EUVD
EUVD-2023-60493
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a deadlock issue in the Linux kernel's ext4 filesystem when operating in no journal mode. Specifically, the functions ext4_finish_convert_inline_dir() and ext4_incvert_inline_data_nolock() can cause a self-deadlock by attempting to acquire a directory lock they already hold, leading to the system hanging or freezing during certain file operations involving inline directories or data.

Impact Analysis

This vulnerability can cause the system to deadlock (freeze) when performing certain file operations on ext4 filesystems in no journal mode. This can lead to system instability, unresponsiveness, or crashes, potentially disrupting services or applications relying on the filesystem.

Detection Guidance

This vulnerability can be detected by attempting to reproduce the deadlock condition on a system using ext4 in no journal mode with inline directories. The provided reproducer commands are: mke2fs -Fq -t ext2 -O inline_data -b 4k /dev/vdc 64 mount -t ext4 -o dirsync /dev/vdc /vdc cd /vdc mkdir file0 cd file0 touch file0 touch file1 attr -s BurnSpaceInEA -V abcde . touch supercalifragilisticexpialidocious Running these commands can help detect if the system is vulnerable by triggering the deadlock.

Mitigation Strategies

Immediate mitigation involves updating the Linux kernel to a version where this deadlock issue in ext4 inline directory handling in no journal mode has been fixed. Avoid using ext4 in no journal mode with inline directories until the patch is applied.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54311. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart