CVE-2026-53023
Awaiting Analysis Awaiting Analysis - Queue

Buffer Overflow in Linux Kernel NTFS3 Filesystem

Vulnerability report for CVE-2026-53023, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-24

Last updated on: 2026-07-10

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfs_fill_super() loads the on-disk volume label with utf16s_to_utf8s() and stores the result in sbi->volume.label. The converted label is later exposed through ntfs3_label_show() using %s, but utf16s_to_utf8s() only returns the number of bytes written and does not add a trailing NUL. If the converted label fills the entire fixed buffer, ntfs3_label_show() can read past the end of sbi->volume.label while looking for a terminator. Terminate the cached label explicitly after a successful conversion and clamp the exact-full case to the last byte of the buffer.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-24
Last Modified
2026-07-10
Generated
2026-07-15
AI Q&A
2026-06-24
EPSS Evaluated
2026-07-13
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the Linux kernel's NTFS3 file system driver. Specifically, when the on-disk volume label is loaded, it is converted from UTF-16 to UTF-8 and stored in a fixed-size buffer. However, the conversion function does not add a terminating null character if the converted label exactly fills the buffer. As a result, when the label is later accessed and displayed, the code may read beyond the end of the buffer looking for a string terminator, potentially causing out-of-bounds memory reads.

Impact Analysis

The vulnerability can lead to out-of-bounds memory reads when accessing the volume label in the NTFS3 driver. This could potentially cause information disclosure or system instability if memory beyond the buffer is accessed. However, the exact impact depends on how the volume label is used and accessed in the system.

Mitigation Strategies

The vulnerability has been resolved by terminating the cached volume label after UTF-8 conversion in the Linux kernel's ntfs3 driver.

To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-53023. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart