CVE-2023-54130: Linux vulnerability

7 documents, 6 sources
Severity: N/A (no vector)
EPSS: 0.0% (top 89.30%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling

Commit 55d1cbbbb29e ("hfs/hfsplus: use WARN_ON for sanity check") fixed a build warning by turning a comment into a WARN_ON(), but it turns out that syzbot then complains because it can trigger said warning with a corrupted hfs image.

The warning actually does warn about a bad situation, but we are much better off just handling it as the error it is. So

Affected Packages (4 packages)

Linux: linux/linux_kernel, 5.16.0, 6.0.19 (+1)
Debian: linux/linux_kernel, < 6.1.7-1 (+2)
CVEListV5: linux/linux, c886c10a6eddb99923b315f42bf63f448883ef9a, cc2164ada548addfa8ee215196661c3afe0c5154 (+10)
debian: debian/linux, < linux 6.1.7-1 (bookworm)

🔴 Vulnerability Details (3)

OSV: hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling (2025-12-24)
OSV: CVE-2023-54130: In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling Commit 55 (2025-12-24)
GHSA: GHSA-2f2v-fxm5-25rj: In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling Commit (2025-12-24)

📋 Vendor Advisories (2)

Red Hat: kernel: hfs/hfsplus: avoid WARN_ON() for sanity check, use proper error handling (2025-12-24)
Debian: CVE-2023-54130: linux - In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54130 Impact, Exploitability, and Mitigation Steps | Wiz