Denial of Service Vulnerability in Linux Kernel's ext4 File System
CVE-2023-53503

Currently unrated

Key Information:

Vendor

Linux

Status
Vendor
CVE Published:
1 October 2025

What is CVE-2023-53503?

In the Linux kernel's ext4 file system, the function ext4_get_group_info() previously treated an invalid group number as a fatal condition and called BUG(). If a malicious actor modifies the superblock while the file system is mounted, s_first_data_block can be set to an oversized value. Calculating the block group for a given block number then underflows and produces an invalid group number, which hits the BUG() check and results in a denial of service. In the revised implementation, ext4_get_group_info() logs the problem and returns NULL instead of calling BUG(), which keeps the system stable even when administrative errors occur.
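The underflow and the log-and-return-NULL handling described above can be seen in a small user-space model. This is an added example, not the kernel's code: the `model_*` names, the struct layout and the sample values are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified user-space model; names are hypothetical, not kernel code. */
struct model_group_info { uint32_t free_blocks; };
struct model_sb {
    uint32_t first_data_block;  /* models s_first_data_block */
    uint32_t blocks_per_group;
    uint32_t groups_count;
    struct model_group_info *groups;
};

/* Constructed sample: 4 groups of 32768 blocks each. */
static struct model_group_info sample_groups[4] = {{100}, {200}, {300}, {400}};

/* Block number -> group number. The subtraction is unsigned, so a
 * first_data_block larger than blk wraps around to a huge value. */
uint32_t model_block_to_group(const struct model_sb *sb, uint64_t blk)
{
    return (uint32_t)((blk - sb->first_data_block) / sb->blocks_per_group);
}

/* Fixed behaviour as described: log and return NULL, no fatal assertion. */
struct model_group_info *model_get_group_info(const struct model_sb *sb, uint32_t group)
{
    if (group >= sb->groups_count) {
        fprintf(stderr, "invalid group %u (only %u groups)\n",
                (unsigned)group, (unsigned)sb->groups_count);
        return NULL;
    }
    return &sb->groups[group];
}

/* Caller side: a NULL result becomes an error code, never a dereference. */
int model_free_blocks(uint32_t first_data_block, uint64_t blk, uint32_t *out)
{
    struct model_sb sb = { first_data_block, 32768, 4, sample_groups };
    struct model_group_info *gi =
        model_get_group_info(&sb, model_block_to_group(&sb, blk));
    if (gi == NULL)
        return -1;
    *out = gi->free_blocks;
    return 0;
}

int main(void)
{
    uint32_t n = 0;
    printf("sane superblock:       rc=%d\n", model_free_blocks(0, 40000, &n));
    printf("oversized first block: rc=%d\n", model_free_blocks(0xFFFFFFF0u, 40000, &n));
    return 0;
}
```

Returning NULL only helps if every caller checks for it, which is why the model routes the lookup through a wrapper that converts NULL into an error.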

Affected Version(s)

Linux 2f2e09eb15849562aede80ed007658e4504ded26 < 100c0ad6c04597fefeaaba2bb1827cc015d95067

Linux 2f2e09eb15849562aede80ed007658e4504ded26 < 620a3c28221bb219b81bc0bffd065cc187494302

Linux 2f2e09eb15849562aede80ed007658e4504ded26
