Bounds Checking Vulnerability in Linux Kernel's ext4 Filesystem
CVE-2023-53285

7.8 HIGH

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
16 September 2025

What is CVE-2023-53285?

A significant vulnerability in the Linux kernel's ext4 filesystem potentially allows inode table corruption. While the filesystem is mounted, missing bounds checks in operations on extended attributes may lead to unauthorized reads beyond allocated memory. The condition arises when a write is performed on the block device while it is actively in use. Adding bounds checking to the 'get_max_inline_xattr_value_size()' function is essential to mitigate the risk of memory corruption and to preserve the integrity and stability of the filesystem.
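
To illustrate the kind of bounds check the description calls for, here is an added example (not the kernel's code and not from this page): a simplified user-space model of walking a variable-length attribute entry list inside a fixed-size region. The struct layout, the terminator convention and the names `xent`, `ENT_SIZE`, `is_last` and `max_inline_value_size` are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical, simplified entry header; not the kernel's struct layout. */
struct xent {
    uint8_t  name_len;   /* bytes of name stored right after the header */
    uint8_t  pad;
    uint16_t value_offs; /* offset of the value from the region start */
    uint32_t value_size;
};

/* Header plus name, rounded up to a 4-byte boundary. */
#define ENT_SIZE(n) ((sizeof(struct xent) + (n) + 3u) & ~(size_t)3u)

/* Assumed convention: an all-zero 32-bit word terminates the entry list. */
static int is_last(const uint8_t *p)
{
    uint32_t w;
    memcpy(&w, p, sizeof w);
    return w == 0;
}

/*
 * Walk the entry list in buf[0..len) and return the free bytes between the
 * end of the list and the lowest value offset, or 0 if the list is malformed.
 * Each position is checked against the region end before it is read, so a
 * list whose terminator was overwritten cannot walk the reader out of buf.
 */
size_t max_inline_value_size(const uint8_t *buf, size_t len)
{
    size_t pos = 0, min_offs = len;

    for (;;) {
        struct xent e;
        if (len - pos < sizeof(uint32_t)) return 0; /* no room for terminator */
        if (is_last(buf + pos)) break;
        if (len - pos < sizeof e) return 0;         /* truncated header */
        memcpy(&e, buf + pos, sizeof e);
        size_t next = pos + ENT_SIZE(e.name_len);
        if (next >= len) return 0;                  /* next entry past the end */
        if (e.value_size && e.value_offs < min_offs)
            min_offs = e.value_offs;
        pos = next;
    }
    size_t used = pos + sizeof(uint32_t);           /* entries plus terminator */
    return min_offs > used ? min_offs - used : 0;
}
```

Without the three checks against `len`, a region overwritten underneath the reader would keep the loop advancing until it happened to find a zero word somewhere in adjacent memory.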

Affected Version(s)

Linux 67cf5b09a46f72e048501b84996f2f77bc42e947 < 5a229d21b98d132673096710e8281ef522dab1d1

Linux 67cf5b09a46f72e048501b84996f2f77bc42e947 < 3d7b8fbcd2273e2b9f4c6de5ce2f4c0cd3cb1205

Linux 67cf5b09a46f72e048501b84996f2f77bc42e947 < 486efbbc9445dca7890a1b86adbccb88b91284b0

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
