CVE-2023-53294NULL Pointer Dereference in Linux

CWE-476NULL Pointer Dereference5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup() Syzbot reported a null-ptr-deref bug: ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512) ntfs3: loop0: Mark volume as dirty due to NTFS errors general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] RIP: 0010:d_flags_f

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel5.155.15.112+3
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux4342306f0f0d5ff4315a204d315c1b51b914fca5f8d9e062a695a3665c4635c4f216a75912687598+5
debiandebian/linux< linux 6.1.37-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-9436-jjr2-vc98: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup() Syzbot reported a n2025-09-16
OSV
CVE-2023-53294: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup() Syzbot reported a nul2025-09-16

📋Vendor Advisories

2
Red Hat
kernel: fs/ntfs3: Fix null-ptr-deref on inode->i_op in ntfs_lookup()2025-09-16
Debian
CVE-2023-53294: linux - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: F...2023
CVE-2023-53294 — NULL Pointer Dereference in Linux | cvebase