Linux Kernel Vulnerability in HFS File System from Developer's Reference
CVE-2023-53862

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 9 December 2025

What is CVE-2023-53862?

A reference counting issue has been identified in the HFS file system of the Linux kernel, leading to a potential kernel BUG. The problem originates from the hfs_bnode_put function, where a missing invocation of hfs_bnode_get results in an unexpected reference count of zero. This occurs in scenarios involving HFS node creation and writing operations, potentially triggering a panic state. Proper management of reference counts is essential in preventing such critical failures during filesystem operations.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 062af3e9930762d1fd22946748d34e0d859e4a8e

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3a9065a33988c02789722be612f7c42fb8ebbb22

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/062af3e9930762d1fd2294674...

https://git.kernel.org/stable/c/3a9065a33988c02789722be61...

https://git.kernel.org/stable/c/eda6879272e4df5456afc3664...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 9, 2025
Vulnerability Reserved
Dec 9, 2025

JSON