CVE-2023-54194 (GCVE-0-2023-54194)

Vulnerability from cvelistv5 – Published: 2025-12-30 12:09 – Updated: 2026-01-05 10:51
VLAI?
Title
exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
Summary
In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs use kmalloc_array due to system memory fragmentation, while the u-disk was inserted without recognition. Devices such as u-disk using the exfat file system are pluggable and may be insert into the system at any time. However, long-term running systems cannot guarantee the continuity of physical memory. Therefore, it's necessary to address this issue. Binder:2632_6: page allocation failure: order:4, mode:0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null) Call trace: [242178.097582] dump_backtrace+0x0/0x4 [242178.097589] dump_stack+0xf4/0x134 [242178.097598] warn_alloc+0xd8/0x144 [242178.097603] __alloc_pages_nodemask+0x1364/0x1384 [242178.097608] kmalloc_order+0x2c/0x510 [242178.097612] kmalloc_order_trace+0x40/0x16c [242178.097618] __kmalloc+0x360/0x408 [242178.097624] load_alloc_bitmap+0x160/0x284 [242178.097628] exfat_fill_super+0xa3c/0xe7c [242178.097635] mount_bdev+0x2e8/0x3a0 [242178.097638] exfat_fs_mount+0x40/0x50 [242178.097643] mount_fs+0x138/0x2e8 [242178.097649] vfs_kern_mount+0x90/0x270 [242178.097655] do_mount+0x798/0x173c [242178.097659] ksys_mount+0x114/0x1ac [242178.097665] __arm64_sys_mount+0x24/0x34 [242178.097671] el0_svc_common+0xb8/0x1b8 [242178.097676] el0_svc_handler+0x74/0x90 [242178.097681] el0_svc+0x8/0x340 By analyzing the exfat code,we found that continuous physical memory is not required here,so kvmalloc_array is used can solve this problem.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 1e49a94cf707204b66a3fb242f2814712c941f52 , < 79d16a84ea41272dfcb0c00f9798ddd0edd8098d (git)
Affected: 1e49a94cf707204b66a3fb242f2814712c941f52 , < 8a34a242cf03211cc89f68308d149b793f63c479 (git)
Affected: 1e49a94cf707204b66a3fb242f2814712c941f52 , < 1427a7e96fb90d0896f74f5bcd21feb03cc7c3d0 (git)
Affected: 1e49a94cf707204b66a3fb242f2814712c941f52 , < 0c5c3e8a2550b6b2a304b45f260296db9c09df96 (git)
Affected: 1e49a94cf707204b66a3fb242f2814712c941f52 , < daf60d6cca26e50d65dac374db92e58de745ad26 (git)
Create a notification for this product.
    Linux Linux Affected: 5.7
Unaffected: 0 , < 5.7 (semver)
Unaffected: 5.10.190 , ≤ 5.10.* (semver)
Unaffected: 5.15.126 , ≤ 5.15.* (semver)
Unaffected: 6.1.45 , ≤ 6.1.* (semver)
Unaffected: 6.4.10 , ≤ 6.4.* (semver)
Unaffected: 6.5 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/exfat/balloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "79d16a84ea41272dfcb0c00f9798ddd0edd8098d",
              "status": "affected",
              "version": "1e49a94cf707204b66a3fb242f2814712c941f52",
              "versionType": "git"
            },
            {
              "lessThan": "8a34a242cf03211cc89f68308d149b793f63c479",
              "status": "affected",
              "version": "1e49a94cf707204b66a3fb242f2814712c941f52",
              "versionType": "git"
            },
            {
              "lessThan": "1427a7e96fb90d0896f74f5bcd21feb03cc7c3d0",
              "status": "affected",
              "version": "1e49a94cf707204b66a3fb242f2814712c941f52",
              "versionType": "git"
            },
            {
              "lessThan": "0c5c3e8a2550b6b2a304b45f260296db9c09df96",
              "status": "affected",
              "version": "1e49a94cf707204b66a3fb242f2814712c941f52",
              "versionType": "git"
            },
            {
              "lessThan": "daf60d6cca26e50d65dac374db92e58de745ad26",
              "status": "affected",
              "version": "1e49a94cf707204b66a3fb242f2814712c941f52",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/exfat/balloc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.190",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.126",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.45",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.190",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.126",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.45",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.10",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree\n\nThe call stack shown below is a scenario in the Linux 4.19 kernel.\nAllocating memory failed where exfat fs use kmalloc_array due to\nsystem memory fragmentation, while the u-disk was inserted without\nrecognition.\nDevices such as u-disk using the exfat file system are pluggable and\nmay be insert into the system at any time.\nHowever, long-term running systems cannot guarantee the continuity of\nphysical memory. Therefore, it\u0027s necessary to address this issue.\n\nBinder:2632_6: page allocation failure: order:4,\n mode:0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null)\nCall trace:\n[242178.097582]  dump_backtrace+0x0/0x4\n[242178.097589]  dump_stack+0xf4/0x134\n[242178.097598]  warn_alloc+0xd8/0x144\n[242178.097603]  __alloc_pages_nodemask+0x1364/0x1384\n[242178.097608]  kmalloc_order+0x2c/0x510\n[242178.097612]  kmalloc_order_trace+0x40/0x16c\n[242178.097618]  __kmalloc+0x360/0x408\n[242178.097624]  load_alloc_bitmap+0x160/0x284\n[242178.097628]  exfat_fill_super+0xa3c/0xe7c\n[242178.097635]  mount_bdev+0x2e8/0x3a0\n[242178.097638]  exfat_fs_mount+0x40/0x50\n[242178.097643]  mount_fs+0x138/0x2e8\n[242178.097649]  vfs_kern_mount+0x90/0x270\n[242178.097655]  do_mount+0x798/0x173c\n[242178.097659]  ksys_mount+0x114/0x1ac\n[242178.097665]  __arm64_sys_mount+0x24/0x34\n[242178.097671]  el0_svc_common+0xb8/0x1b8\n[242178.097676]  el0_svc_handler+0x74/0x90\n[242178.097681]  el0_svc+0x8/0x340\n\nBy analyzing the exfat code,we found that continuous physical memory\nis not required here,so kvmalloc_array is used can solve this problem."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T10:51:25.173Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/79d16a84ea41272dfcb0c00f9798ddd0edd8098d"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a34a242cf03211cc89f68308d149b793f63c479"
        },
        {
          "url": "https://git.kernel.org/stable/c/1427a7e96fb90d0896f74f5bcd21feb03cc7c3d0"
        },
        {
          "url": "https://git.kernel.org/stable/c/0c5c3e8a2550b6b2a304b45f260296db9c09df96"
        },
        {
          "url": "https://git.kernel.org/stable/c/daf60d6cca26e50d65dac374db92e58de745ad26"
        }
      ],
      "title": "exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54194",
    "datePublished": "2025-12-30T12:09:01.436Z",
    "dateReserved": "2025-12-30T12:06:44.498Z",
    "dateUpdated": "2026-01-05T10:51:25.173Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-54194\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-30T13:16:07.437\",\"lastModified\":\"2025-12-31T20:43:05.160\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nexfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree\\n\\nThe call stack shown below is a scenario in the Linux 4.19 kernel.\\nAllocating memory failed where exfat fs use kmalloc_array due to\\nsystem memory fragmentation, while the u-disk was inserted without\\nrecognition.\\nDevices such as u-disk using the exfat file system are pluggable and\\nmay be insert into the system at any time.\\nHowever, long-term running systems cannot guarantee the continuity of\\nphysical memory. Therefore, it\u0027s necessary to address this issue.\\n\\nBinder:2632_6: page allocation failure: order:4,\\n mode:0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null)\\nCall trace:\\n[242178.097582]  dump_backtrace+0x0/0x4\\n[242178.097589]  dump_stack+0xf4/0x134\\n[242178.097598]  warn_alloc+0xd8/0x144\\n[242178.097603]  __alloc_pages_nodemask+0x1364/0x1384\\n[242178.097608]  kmalloc_order+0x2c/0x510\\n[242178.097612]  kmalloc_order_trace+0x40/0x16c\\n[242178.097618]  __kmalloc+0x360/0x408\\n[242178.097624]  load_alloc_bitmap+0x160/0x284\\n[242178.097628]  exfat_fill_super+0xa3c/0xe7c\\n[242178.097635]  mount_bdev+0x2e8/0x3a0\\n[242178.097638]  exfat_fs_mount+0x40/0x50\\n[242178.097643]  mount_fs+0x138/0x2e8\\n[242178.097649]  vfs_kern_mount+0x90/0x270\\n[242178.097655]  do_mount+0x798/0x173c\\n[242178.097659]  ksys_mount+0x114/0x1ac\\n[242178.097665]  __arm64_sys_mount+0x24/0x34\\n[242178.097671]  el0_svc_common+0xb8/0x1b8\\n[242178.097676]  el0_svc_handler+0x74/0x90\\n[242178.097681]  el0_svc+0x8/0x340\\n\\nBy analyzing the exfat code,we found that continuous physical memory\\nis not required here,so kvmalloc_array is used can solve this problem.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0c5c3e8a2550b6b2a304b45f260296db9c09df96\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/1427a7e96fb90d0896f74f5bcd21feb03cc7c3d0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/79d16a84ea41272dfcb0c00f9798ddd0edd8098d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8a34a242cf03211cc89f68308d149b793f63c479\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/daf60d6cca26e50d65dac374db92e58de745ad26\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.