CVE-2023-53091

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-53091

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53091.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-53091

Downstream

BELL-CVE-2023-53091

DEBIAN-CVE-2023-53091

OESA-2025-1541

SUSE-SU-2025:01918-1

SUSE-SU-2025:01966-1

SUSE-SU-2025:02173-1

SUSE-SU-2025:02262-1

UBUNTU-CVE-2023-53091

Related

Published

2025-05-02T16:15:28Z

Modified

2025-08-09T19:01:29Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

ext4: update sjournalinum if it changes after journal replay

When mounting a crafted ext4 image, sjournalinum may change after journal replay, which is obviously unreasonable because we have successfully loaded and replayed the journal through the old sjournalinum. And the new sjournalinum bypasses some of the checks in ext4getjournal(), which may trigger a null pointer dereference problem. So if sjournalinum changes after the journal replay, we ignore the change, and rewrite the current journal_inum to the superblock.

References

Affected packages