Use-After-Free Vulnerability in nilfs2 Linux Kernel by Linux Foundation
CVE-2023-53311
What is CVE-2023-53311?
A use-after-free vulnerability exists in the nilfs2 filesystem of the Linux kernel, which could compromise the integrity and stability of systems when inodes are prematurely released. This flaw is triggered during the unmount process when the nilfs_root structure is left unheld after the log writer detaches. An oversight in the call path involving the mark_inode_dirty_sync function can lead to a use-after-free scenario, requiring careful handling to avoid data corruption. The vulnerability was addressed by introducing a purging flag to track the state of the nilfs structure during garbage list disposal, ensuring safer operations without disrupting recovery workflows.
Affected Version(s)
Linux 0ae45f63d4ef8d8eeec49c7d8b44a1775fff13e8 < 11afd67f1b3c28eb216e50a3ca8dbcb69bb71793
Linux 0ae45f63d4ef8d8eeec49c7d8b44a1775fff13e8
Linux 0ae45f63d4ef8d8eeec49c7d8b44a1775fff13e8