CVE-2023-54063
- Source
- https://cve.org/CVERecord?id=CVE-2023-54063
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54063.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-54063
- Downstream
- Published
- 2025-12-24T12:23:09.346Z
- Modified
- 2026-03-10T21:49:05.404744Z
- Summary
- fs/ntfs3: Fix OOB read in indx_insert_into_buffer
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix OOB read in indxinsertinto_buffer
Syzbot reported a OOB read bug:
BUG: KASAN: slab-out-of-bounds in indxinsertinto_buffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755 Read of size 17168 at addr ffff8880255e06c0 by task syz-executor308/3630
Call Trace: <TASK> memmove+0x25/0x60 mm/kasan/shadow.c:54 indxinsertintobuffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755 indxinsertentry+0x446/0x6b0 fs/ntfs3/index.c:1863 ntfscreateinode+0x1d3f/0x35c0 fs/ntfs3/inode.c:1548 ntfscreate+0x3e/0x60 fs/ntfs3/namei.c:100 lookup_open fs/namei.c:3413 [inline]
If the member struct INDEXBUFFER *index of struct indxnode is incorrect, that is, the value of __le32 used is greater than the value of __le32 total in struct INDEXHDR. Therefore, OOB read occurs when memmove is called in indxinsertintobuffer(). Fix this by adding a check in hdrfinde().
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54063.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/17048287ac79abd33b275ac3b5738285d406481b
- https://git.kernel.org/stable/c/4bf3b564e27a518f158a83d5e1a50064ed6136a0
- https://git.kernel.org/stable/c/a7e5dba10ba1402dd6c2f961a70320770865c4a5
- https://git.kernel.org/stable/c/b8c44949044e5f7f864525fdffe8e95135ce9ce5
- https://git.kernel.org/stable/c/cd7e1d67924081717c5c96ead758a1a77867689a
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54063.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-54063
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced82cae269cfa953032fbb8980a7d554d60fb00b17Fixedcd7e1d67924081717c5c96ead758a1a77867689aFixed17048287ac79abd33b275ac3b5738285d406481bFixeda7e5dba10ba1402dd6c2f961a70320770865c4a5Fixed4bf3b564e27a518f158a83d5e1a50064ed6136a0Fixedb8c44949044e5f7f864525fdffe8e95135ce9ce5
Affected versions
v5.*
v5.14
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.100
v5.15.101
v5.15.102
v5.15.103
v5.15.104
v5.15.105
v5.15.106
v5.15.107
v5.15.108
v5.15.109
v5.15.11
v5.15.110
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.10
v6.2.11
v6.2.12
v6.2.13
v6.2.14
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.2.6
v6.2.7
v6.2.8
v6.2.9
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.3.1