CVE-2023-53672: Incorrect Check of Function Return Value in Linux

Severity
5.5 MEDIUM (NVD)
EPSS
0.0%
top 97.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Oct 7

Description

In the Linux kernel, the following vulnerability has been resolved:

btrfs: output extra debug info if we failed to find an inline backref

[BUG]
Syzbot reported several warnings triggered inside lookup_inline_extent_backref().

[CAUSE]
As usual, the reproducer doesn't reliably trigger locally here, but at least we know the WARN_ON() is triggered when an inline backref can not be found, and it can only be triggered when @insert is true. (I.e. inserting a new inline backref, which means the backre

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: linux/linux_kernel 3.9.14.14.326 +7
Debian: linux/linux_kernel < 5.10.197-1 +3
CVEListV5: linux/linux 492104c866cb1b62a11393adccb477f5cd2c7768 376b41524b71e494514720bd6114325b0a2ed19c +8
debian: debian/linux < linux 6.1.55-1 (bookworm)

Patches

🔴 Vulnerability Details (2)

OSV
CVE-2023-53672: In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref [BUG] Syzbot (2025-10-07)
GHSA
GHSA-vgqm-7wmp-qp26: In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref [BUG] Syzb (2025-10-07)

📋 Vendor Advisories (2)

Red Hat
kernel: btrfs: output extra debug info if we failed to find an inline backref (2025-10-07)
Debian
CVE-2023-53672: linux - In the Linux kernel, the following vulnerability has been resolved: btrfs: outp... (2023)