CVE-2023-54099: Time-of-check Time-of-use (TOCTOU) Race Condition in Linux

Severity: 5.5 MEDIUM (no vector)
EPSS: 0.0% (top 89.30%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

fs: Protect reconfiguration of sb read-write from racing writes

The reconfigure / remount code takes a lot of effort to protect filesystem's reconfiguration code from racing writes on remounting read-only. However during remounting read-only filesystem to read-write mode userspace writes can start immediately once we clear SB_RDONLY flag. This is inconvenient for example for ext4 because we need to do some writes to the filesy

Affected Packages (4 packages)

Linux: linux/linux_kernel 5.1.0 5.4.253 (+4)
Debian: linux/linux_kernel < 5.10.191-1 (+3)
CVEListV5: linux/linux 8d0347f6c3a9d4953ddd636a31c6584da082e084 0336b42456e485fda1006b5b411e7372e20fbf03 (+6)
debian: debian/linux < linux 6.1.52-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA (2025-12-24): GHSA-vwq3-xpg9-vpx4: In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure
OSV (2025-12-24): CVE-2023-54099: In the Linux kernel, the following vulnerability has been resolved: fs: Protect reconfiguration of sb read-write from racing writes The reconfigure /
OSV (2025-12-24): fs: Protect reconfiguration of sb read-write from racing writes

📋 Vendor Advisories (2)

Red Hat (2025-12-24): kernel: fs: Protect reconfiguration of sb read-write from racing writes
Debian (2023): CVE-2023-54099: linux - In the Linux kernel, the following vulnerability has been resolved: fs: Protect...

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54099 Impact, Exploitability, and Mitigation Steps | Wiz