CVE-2023-53796 — Linux vulnerability

6 documents5 sources

Severity

—N/A

No vector

EPSS

0.0%

top 85.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fs_move_inline_dirents() When converting an inline directory to a regular one, f2fs is leaking uninitialized memory to disk because it doesn't initialize the entire directory block. Fix this by zero-initializing the block. This bug was introduced by commit 4ec17d688d74 ("f2fs: avoid unneeded initializing when converting inline dentry"), which didn't consider the security implications of leaking…

Affected Packages4 packages

▶Linuxlinux/linux_kernel4.3.0 — 4.14.308+6

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux4ec17d688d74b6b7cb10043c57ff4818cde2b0ca — 4e3b4b170bd43db1d8a93a6bd0ea434b17cc86f7+8

▶debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-g2pf-697j-2r49: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fs_move_inline_dirents() When converting an inli↗2025-12-09

▶

OSV

f2fs: fix information leak in f2fs_move_inline_dirents()↗2025-12-09

▶

OSV

CVE-2023-53796: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix information leak in f2fs_move_inline_dirents() When converting an inline↗2025-12-09

▶

📋Vendor Advisories

Red Hat

kernel: f2fs: fix information leak in f2fs_move_inline_dirents()↗2025-12-09

▶

Debian

CVE-2023-53796: linux - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix i...↗2023

▶