CVE-2023-54209

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-54209
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54209.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-54209
Downstream
Related
Published
2025-12-30T12:11:08.027Z
Modified
2026-03-23T05:09:37.204661103Z
Summary
block: fix blktrace debugfs entries leakage
Details

In the Linux kernel, the following vulnerability has been resolved:

block: fix blktrace debugfs entries leakage

Commit 99d055b4fd4b ("block: remove per-disk debugfs files in blkunregisterqueue") moves blktraceshutdown() from blkreleasequeue() to blkunregisterqueue(), this is safe if blktrace is created through sysfs, however, there is a regression in corner case.

blktrace can still be enabled after delgendisk() through ioctl if the disk is opened before delgendisk(), and if blktrace is not shutdown through ioctl before closing the disk, debugfs entries will be leaked.

Fix this problem by shutdown blktrace in diskrelease(), this is safe because blktrace_remove() is reentrant.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54209.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
99d055b4fd4bbb309c6cdb51a0d420669f777944
Fixed
aa07e56c6a9c7558165690d14eed4fe8babf34fb
Fixed
7149e57cf01184fba175589f8fbe9fbf33be02e1
Fixed
942e81650b81b4ca62f1d8c61de455c9e7c7e6ca
Fixed
dd7de3704af9989b780693d51eaea49a665bd9c2

Affected versions

v5.*
v5.19
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.3.1
v6.3.10
v6.3.11
v6.3.12
v6.3.2
v6.3.3
v6.3.4
v6.3.5
v6.3.6
v6.3.7
v6.3.8
v6.3.9
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54209.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.19.0
Fixed
6.1.39
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.3.13
Type
ECOSYSTEM
Events
Introduced
6.4.0
Fixed
6.4.4

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54209.json"