CVE-2023-54313
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-54313
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54313.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-54313
- Downstream
- Published
- 2025-12-30T12:23:44.484Z
- Modified
- 2025-12-31T01:09:32.884998Z
- Summary
- ovl: fix null pointer dereference in ovl_get_acl_rcu()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ovl: fix null pointer dereference in ovlgetacl_rcu()
Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermission(rcu) ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode = ovlinodereal(ovlinode) dropcache dentrykill(ovldentry) iput(ovlinode) ovldestroyinode(ovlinode) dput(oi->upperdentry) dentrykill(upperdentry) dentryunlinkinode upperdentry->dinode = NULL ovlinodeupper upperdentry = ovlidentryupper(ovlinode) dinode(upperdentry) // returns NULL ISPOSIXACL(realinode) // NULL pointer dereference , will trigger an null pointer dereference at realinode: [ 205.472797] BUG: kernel NULL pointer dereference, address: 0000000000000028 [ 205.476701] CPU: 2 PID: 2713 Comm: ls Not tainted 6.3.0-12064-g2edfa098e750-dirty #1216 [ 205.478754] RIP: 0010:doovlgetacl+0x5d/0x300 [ 205.489584] Call Trace: [ 205.489812] <TASK> [ 205.490014] ovlgetinodeacl+0x26/0x30 [ 205.490466] getcachedaclrcu+0x61/0xa0 [ 205.490908] genericpermission+0x1bf/0x4e0 [ 205.491447] ovlpermission+0x79/0x1b0 [ 205.491917] inodepermission+0x15e/0x2c0 [ 205.492425] linkpathwalk+0x115/0x550 [ 205.493311] pathlookupat.isra.0+0xb2/0x200 [ 205.493803] filenamelookup+0xda/0x240 [ 205.495747] vfsfstatat+0x7b/0xb0
Fetch a reproducer in [Link].
Use the helper ovlipath_realinode() to get realinode and then do non-nullptr checking.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54313.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/c4a5fb1ae5d3f02d3227afde2b9339994389463d
- https://git.kernel.org/stable/c/d536af163c53ce9f9bcfe87d2e9946f06f1a7ea4
- https://git.kernel.org/stable/c/d97481c7b2739a704848bb3c01f224dc71bdf78e
- https://git.kernel.org/stable/c/f4e19e595cc2e76a8a58413eb19d3d9c51328b53
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54313.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-54313
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced332f606b32b6291a944c8cf23b91f53a6e676525Fixedd97481c7b2739a704848bb3c01f224dc71bdf78eFixedc4a5fb1ae5d3f02d3227afde2b9339994389463dFixedd536af163c53ce9f9bcfe87d2e9946f06f1a7ea4Fixedf4e19e595cc2e76a8a58413eb19d3d9c51328b53