CVE-2023-53295Missing Report of Error Condition in Linux

CWE-392Missing Report of Error Condition5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 16

Description

In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline data to happen only if the write succeeds.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.154.19.276+6
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac25621f7a8139053d0c3c47fb68ee9f602139eb40a+8
debiandebian/linux< linux 6.1.20-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-482h-wv29-vp5r: In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to i2025-09-16
OSV
CVE-2023-53295: In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inl2025-09-16

📋Vendor Advisories

2
Red Hat
kernel: udf: Do not update file length for failed writes to inline files2025-09-16
Debian
CVE-2023-53295: linux - In the Linux kernel, the following vulnerability has been resolved: udf: Do not...2023
CVE-2023-53295 — Missing Report of Error Condition | cvebase