CVE-2023-53861 — NULL Pointer Dereference in Linux

CWE-476 — NULL Pointer Dereference7 documents6 sources

Severity

4.7MEDIUM

No vector

EPSS

0.0%

top 85.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will access memory of grp and will trigger kernel crash if grp is NULL. So do NULL check before corruption check.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.11.0 — 5.15.132+4

▶Debianlinux/linux_kernel< 5.10.197-1+3

▶CVEListV5linux/linux100c0ad6c04597fefeaaba2bb1827cc015d95067 — 245759d987b617d183061db6ab8886ebb5cc78e9+7

▶debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2023-53861: In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will acc↗2025-12-09

▶

OSV

ext4: correct grp validation in ext4_mb_good_group↗2025-12-09

▶

GHSA

GHSA-9chw-7w35-c7qm: In the Linux kernel, the following vulnerability has been resolved: ext4: correct grp validation in ext4_mb_good_group Group corruption check will a↗2025-12-09

▶

📋Vendor Advisories

Red Hat

kernel: ext4: correct grp validation in ext4_mb_good_group↗2025-12-09

▶

Debian

CVE-2023-53861: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: corre...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-53861 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶