CVE-2023-53214: Out-of-bounds Write in Linux

Severity: 7.8 HIGH (NVD)
EPSS: 0.0% (top 94.11%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 15

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to avoid potential memory corruption in __update_iostat_latency()

Add iotype sanity check to avoid potential memory corruption. This is to fix the compile error below:

fs/f2fs/iostat.c:231 __update_iostat_latency() error: buffer overflow 'io_lat->peak_lat[type]' 3 type;
216 struct f2fs_sb_info *sbi = iostat_ctx->sbi;
217 struct iostat_lat_info *io_lat = sbi->iostat_io_lat;
218 unsigned long flags;
219
220 if (!sbi->

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (4 packages)

NVD | linux/linux_kernel | 5.15 | 5.15.100 | +2
Debian | linux/linux_kernel | < 6.1.20-1 | +2
CVEListV5 | linux/linux | a4b6817625e71d5d4aee16cacf7a7fec077c6dbe | aa4d726af72a21732ce120484e0b1240674a13b3 | +4
debian | debian/linux | < linux 6.1.20-1 (bookworm)

Patches

Vulnerability Details (2)

OSV | 2025-09-15
CVE-2023-53214: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential memory corruption in __update_iostat_latency() Add io

GHSA | 2025-09-15
GHSA-x74x-w5qg-98qh: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential memory corruption in __update_iostat_latency() Add

Vendor Advisories (2)

Red Hat | 2025-09-15
kernel: f2fs: fix to avoid potential memory corruption in __update_iostat_latency()

Debian | 2023
CVE-2023-53214: linux - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix t...