CVE-2023-53473 (GCVE-0-2023-53473)
Vulnerability from cvelistv5
Published
2025-10-01 11:42
Modified
2025-10-01 11:42
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, casefolded file names, that function can most certainly fail today. So make sure the callers of ext4_dirhash() properly check for failures, and reflect the errors back up to their callers.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/4b3cb1d108bfc2aebb0d7c8a52261a53cf7f5786
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/70d579aefa652a06af97e013e3fbbabbe5a43553
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/b2531936118deb3f479c4fa1bcd787b74b8faa6a
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c1fae027da61fe8e7eb99f7244297e81bc0f1e43
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/f68876aeef96ef8b708ab10b9cb47ce0a5adb424
Impacted products
Vendor Product Version
Linux Linux Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
 Create a notification for this product.
   Linux Linux Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/hash.c",
            "fs/ext4/namei.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "b2531936118deb3f479c4fa1bcd787b74b8faa6a",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "f68876aeef96ef8b708ab10b9cb47ce0a5adb424",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "70d579aefa652a06af97e013e3fbbabbe5a43553",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "c1fae027da61fe8e7eb99f7244297e81bc0f1e43",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "4b3cb1d108bfc2aebb0d7c8a52261a53cf7f5786",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/ext4/hash.c",
            "fs/ext4/namei.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.112",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.29",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.112",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: improve error handling from ext4_dirhash()\n\nThe ext4_dirhash() will *almost* never fail, especially when the hash\ntree feature was first introduced.  However, with the addition of\nsupport of encrypted, casefolded file names, that function can most\ncertainly fail today.\n\nSo make sure the callers of ext4_dirhash() properly check for\nfailures, and reflect the errors back up to their callers."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-01T11:42:42.875Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/b2531936118deb3f479c4fa1bcd787b74b8faa6a"
        },
        {
          "url": "https://git.kernel.org/stable/c/f68876aeef96ef8b708ab10b9cb47ce0a5adb424"
        },
        {
          "url": "https://git.kernel.org/stable/c/70d579aefa652a06af97e013e3fbbabbe5a43553"
        },
        {
          "url": "https://git.kernel.org/stable/c/c1fae027da61fe8e7eb99f7244297e81bc0f1e43"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b3cb1d108bfc2aebb0d7c8a52261a53cf7f5786"
        }
      ],
      "title": "ext4: improve error handling from ext4_dirhash()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53473",
    "datePublished": "2025-10-01T11:42:42.875Z",
    "dateReserved": "2025-10-01T11:39:39.401Z",
    "dateUpdated": "2025-10-01T11:42:42.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-53473\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-10-01T12:15:49.557\",\"lastModified\":\"2025-10-02T19:12:17.160\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\next4: improve error handling from ext4_dirhash()\\n\\nThe ext4_dirhash() will *almost* never fail, especially when the hash\\ntree feature was first introduced.  However, with the addition of\\nsupport of encrypted, casefolded file names, that function can most\\ncertainly fail today.\\n\\nSo make sure the callers of ext4_dirhash() properly check for\\nfailures, and reflect the errors back up to their callers.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4b3cb1d108bfc2aebb0d7c8a52261a53cf7f5786\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/70d579aefa652a06af97e013e3fbbabbe5a43553\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b2531936118deb3f479c4fa1bcd787b74b8faa6a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c1fae027da61fe8e7eb99f7244297e81bc0f1e43\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f68876aeef96ef8b708ab10b9cb47ce0a5adb424\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.