CVE-2023-54177 — Time-of-check Time-of-use (TOCTOU) Race Condition in Linux

CWE-367 — Time-of-check Time-of-use (TOCTOU) Race Condition7 documents6 sources

Severity

3.3LOW

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab() There's issue as follows when do fault injection: WARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquot_disable+0x13b7/0x18c0 Modules linked in: CPU: 1 PID: 14870 Comm: fsconfig Not tainted 6.3.0-next-20230505-00006-g5107a9c821af-dirty #541 RIP: 0010:dquot_disable+0x13b7/0x18c0 RSP: 0018:ffffc9000acc79e0 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88825e41b980 …

Affected Packages4 packages

▶Linuxlinux/linux_kernel3.15.0 — 4.14.324+6

▶Debianlinux/linux_kernel< 5.10.197-1+3

▶CVEListV5linux/linux9f985cb6c45bc3f8b7e161c9658d409d051d576f — 6478eabc92274efae6269da7c515ba2b4c8e88d8+9

▶debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2023-54177: In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab() There's issue as follows when do fault injection: W↗2025-12-30

▶

GHSA

GHSA-f7wq-xf7h-wrxp: In the Linux kernel, the following vulnerability has been resolved: quota: fix warning in dqgrab() There's issue as follows when do fault injection:↗2025-12-30

▶

OSV

quota: fix warning in dqgrab()↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: quota: fix warning in dqgrab()↗2025-12-30

▶

Debian

CVE-2023-54177: linux - In the Linux kernel, the following vulnerability has been resolved: quota: fix ...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54177 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶