CVE-2023-53450
EUVD-2025-3279301.10.2025, 12:15
In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUG_ON in ext4_mb_release_group_pa() If a malicious fuzzer overwrites the ext4 superblock while it is mounted such that the s_first_data_block is set to a very large number, the calculation of the block group can underflow, and trigger a BUG_ON check. Change this to be an ext4_warning so that we don't crash the kernel.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 2.6.25 ≤ 𝑥 < 4.14.315 |
| linux | linux_kernel | 4.15 ≤ 𝑥 < 4.19.283 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 5.4.243 |
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.180 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.112 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.29 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.2.16 |
| linux | linux_kernel | 6.3 ≤ 𝑥 < 6.3.3 |
| linux | linux_kernel | 6.4:rc1 |
𝑥
= Vulnerable software versions
Debian Releases
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| bpftool |
| ||||
| bpftool-debuginfo |
| ||||
| kernel |
| ||||
| kernel-debuginfo |
| ||||
| kernel-debuginfo-common-aarch64 |
| ||||
| kernel-debuginfo-common-x86_64 |
| ||||
| kernel-devel |
| ||||
| kernel-headers |
| ||||
| kernel-libbpf |
| ||||
| kernel-libbpf-devel |
| ||||
| kernel-libbpf-static |
| ||||
| kernel-livepatch-4.14.318-240.529 |
| ||||
| kernel-livepatch-6.1.29-47.49 |
| ||||
| kernel-tools |
| ||||
| kernel-tools-debuginfo |
| ||||
| kernel-tools-devel |
| ||||
| perf |
| ||||
| perf-debuginfo |
| ||||
| python-perf |
| ||||
| python-perf-debuginfo |
| ||||
| python3-perf |
| ||||
| python3-perf-debuginfo |
|
Common Weakness Enumeration
References