CVE-2023-54153Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: turn quotas off if mount failed after enabling quotas Yi found during a review of the patch "ext4: don't BUG on inconsistent journal feature" that when ext4_mark_recovery_complete() returns an error value, the error handling path does not turn off the enabled quotas, which triggers the following kmemleak: unreferenced object 0xffff8cf68678e7c0 (size 64): comm "mount", pid 746, jiffies 4294871231 (age 11.540s) hex dump (

Affected Packages4 packages

Linuxlinux/linux_kernel5.9.05.15.121+2
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linux11215630aada28307ba555a43138db6ac54fa825c327b83c59ee938792a0300df646efac39c7d6a7+8
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54153: In the Linux kernel, the following vulnerability has been resolved: ext4: turn quotas off if mount failed after enabling quotas Yi found during a revi2025-12-24
OSV
ext4: turn quotas off if mount failed after enabling quotas2025-12-24
GHSA
GHSA-969x-jvv9-7j58: In the Linux kernel, the following vulnerability has been resolved: ext4: turn quotas off if mount failed after enabling quotas Yi found during a re2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: ext4: turn quotas off if mount failed after enabling quotas2025-12-24
Debian
CVE-2023-54153: linux - In the Linux kernel, the following vulnerability has been resolved: ext4: turn ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54153 Impact, Exploitability, and Mitigation Steps | Wiz