CVE-2023-54069: Integer Overflow or Wraparound in Linux

Severity: 5.5 MEDIUM (No vector)
EPSS: 0.0% (top 89.30%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow

When we calculate the end position of ext4_free_extent, this position may be exactly where ext4_lblk_t (i.e. uint) overflows. For example, if ac_g_ex.fe_logical is 4294965248 and ac_orig_goal_len is 2048, then the computed end is 0x100000000, which is 0. If ac->ac_o_ex.fe_logical is not the first case of adjusting the best extent, that is, new_bex_end > 0, the following B

Affected Packages (4 packages)

Linux | linux/linux_kernel | 5.5.0 | 5.10.200 | +4
Debian | linux/linux_kernel | < 5.10.205-1 | +3
CVEListV5 | linux/linux | 8659c5f4ffaacbe932849b98462c3d635b4eacea | 83ecffd40c65844a73c2e93d7c841455786605ac | +9
debian | debian/linux | < linux 6.1.64-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA (2025-12-24): GHSA-ccf9-6597-4cqp: In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the en
OSV (2025-12-24): CVE-2023-54069: In the Linux kernel, the following vulnerability has been resolved: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow When we calculate the end
OSV (2025-12-24): ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow

📋 Vendor Advisories (2)

Red Hat (2025-12-24): kernel: ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
Debian (2023): CVE-2023-54069: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: fix B...

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54069 Impact, Exploitability, and Mitigation Steps | Wiz