VDB

CISA-2023-53214

CISA-2023-53214 PUBLISHED CVSS 7.8 HIGH

Reported by Linux · Published September 15, 2025

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential memory corruption in __update_iostat_latency() Add iotype sanity check to avoid potential memory corruption. This is to fix the compile error below: fs/f2fs/iostat.c:231 __update_iostat_latency() error: buffer overflow 'io_lat->peak_lat[type]' 3 <= 3 vim +228 fs/f2fs/iostat.c 211 static inline void __update_iostat_latency(struct bio_iostat_ctx *iostat_ctx, 212 enum iostat_lat_type type) 213 { 214 unsigned long ts_diff; 215 unsigned int page_type = iostat_ctx->type; 216 struct f2fs_sb_info *sbi = iostat_ctx->sbi; 217 struct iostat_lat_info *io_lat = sbi->iostat_io_lat; 218 unsigned long flags; 219 220 if (!sbi->iostat_enable) 221 return; 222 223 ts_diff = jiffies - iostat_ctx->submit_ts; 224 if (page_type >= META_FLUSH) ^^^^^^^^^^ 225 page_type = META; 226 227 spin_lock_irqsave(&sbi->iostat_lat_lock, flags); @228 io_lat->sum_lat[type][page_type] += ts_diff; ^^^^^^^^^ Mixup between META_FLUSH and NR_PAGE_TYPE leads to memory corruption.

Risk Scores

CVSS 3.1
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
LinuxLinuxa4b6817625e71d5d4aee16cacf7a7fec077c6dbe, a4b6817625e71d5d4aee16cacf7a7fec077c6dbe, a4b6817625e71d5d4aee16cacf7a7fec077c6dbe
LinuxLinux5.15, 0, 5.15.100
LinuxLinux6.1.18, a4b6817625e71d5d4aee16cacf7a7fec077c6dbe, a4b6817625e71d5d4aee16cacf7a7fec077c6dbe
linuxlinux_kernel5.15, 5.15, 5.15

Timeline

  • Sep 15, 2025 CVE Published
  • Jan 14, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›