CVE-2023-54281Deadlock in Linux

CWE-833Deadlock7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the ino lookup ioctl we can end up calling btrfs_iget() to get an inode reference while we are holding on a root's btree. If btrfs_iget() needs to lookup the inode from the root's btree, because it's not currently loaded in memory, then it will need to lock another or the same path in the same root btree. This may result in a deadlock and trigger the fo

Affected Packages4 packages

Linuxlinux/linux_kernel4.18.05.10.197+3
Debianlinux/linux_kernel< 5.10.197-1+3
CVEListV5linux/linux23d0b79dfaed2305b500b0215b0421701ada6b1a7390bb377b5fb3be23cb021e0f184d1f576be7d6+5
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
OSV
btrfs: release path before inode lookup during the ino lookup ioctl2025-12-30
OSV
CVE-2023-54281: In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the ino2025-12-30
GHSA
GHSA-5q4r-9x8x-8xrp: In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the i2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: btrfs: release path before inode lookup during the ino lookup ioctl2025-12-30
Debian
CVE-2023-54281: linux - In the Linux kernel, the following vulnerability has been resolved: btrfs: rele...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54281 Impact, Exploitability, and Mitigation Steps | Wiz