CVE-2023-53692: Use After Free in Linux

CWE-416: Use After Free
6 documents, 5 sources
Severity: 5.5 MEDIUM (No vector)
EPSS: 0.0% (top 88.01%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 22

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline

Syzbot found the following issue:

loop0: detected capacity change from 0 to 2048
EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none.
BUG: KASAN: use-after-free in ext4_ext_binsearch_idx fs/ext4/extents.c:768 [inline]
BUG: KASAN: use-after-free in ext4_find_extent+0x76e/0xd90 fs/ext4/extents.c:931
Read

Affected Packages (4 packages)

Linux | linux/linux_kernel | 4.20.0 | 5.4.243 | +6
Debian | linux/linux_kernel | < 5.10.191-1 | +3
CVEListV5 | linux/linux | 1ed1eef0551bebee8e56973ccd0900e3578edfb7 | 0ce15000dee0ecd6f235f925a327803e2ef489c6 | +9
debian | debian/linux | < linux 6.1.37-1 (bookworm)

🔴 Vulnerability Details (3)

OSV: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline (2025-10-22)
GHSA: GHSA-f427-wg66-92gr: In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Syzbot f (2025-10-22)
OSV: CVE-2023-53692: In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline Syzbot fou (2025-10-22)

📋 Vendor Advisories (2)

Red Hat: kernel: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline (2025-10-22)
Debian: CVE-2023-53692: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: fix u... (2023)