Slab-out-of-bounds Vulnerability in Linux Kernel Affected by NTFS Module
CVE-2023-53420

7.1 HIGH

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 18 September 2025

What is CVE-2023-53420?

The Linux kernel's NTFS module contains a vulnerability that can lead to a slab-out-of-bounds condition when extended attributes are handled improperly. The issue arises in the function ntfs_listxattr, where an invalid memory address may be accessed if the name length of an extended attribute is zero. The flaw has implications for both system stability and security and should be addressed promptly. The patch corrects the iteration logic so that invalid memory regions are no longer accessed.
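
The iteration problem described above, modelled in user-space C as an added example; it is not the kernel's code or the upstream patch. The two-byte record header, the name `list_ea_names` and the sample bytes are assumptions made for illustration: the walker validates every record before touching it and stops at a zero name length instead of stepping on.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EA_HDR 2   /* assumed model header: [rec_len][name_len], one byte each */

/* Copy each attribute name in buf[0..size) into out, NUL-terminated.
 * Returns bytes written, or -1 on a malformed record or when out is too small. */
long list_ea_names(const uint8_t *buf, size_t size, char *out, size_t cap)
{
    size_t off = 0, used = 0;

    while (off < size) {
        if (size - off < EA_HDR)             /* header itself must be in bounds */
            return -1;
        size_t rec_len = buf[off], name_len = buf[off + 1];

        if (name_len == 0)                   /* no entry here: stop, do not advance */
            break;
        if (rec_len < EA_HDR + name_len || rec_len > size - off)
            return -1;                       /* name must fit in the record, record in the buffer */
        if (cap - used < name_len + 1)
            return -1;                       /* caller's buffer is too small */

        memcpy(out + used, buf + off + EA_HDR, name_len);
        used += name_len;
        out[used++] = '\0';
        off += rec_len;                      /* rec_len >= 3 here, so the walk always advances */
    }
    return (long)used;
}

/* Constructed sample: "user.a", "user.bc" (padded), then zero padding. */
static const uint8_t sample[] = {
    8,  6, 'u', 's', 'e', 'r', '.', 'a',
    12, 7, 'u', 's', 'e', 'r', '.', 'b', 'c', 0, 0, 0,
    0,  0, 0, 0,
};

int main(void)
{
    char out[64];
    long n = list_ea_names(sample, sizeof sample, out, sizeof out);
    printf("%ld bytes: %s, %s\n", n, out, out + 7);
    return 0;
}
```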

Affected Version(s)

Linux be71b5cba2e6485e8959da7a9f9a44461a1bb074

Linux be71b5cba2e6485e8959da7a9f9a44461a1bb074 < 721b75ea2dfce53a8890dff92ae01afca8e74f88

CVSS V3.1

Score: 7.1
Severity: HIGH
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
