fkie_cve-2023-53214
Vulnerability from fkie_nvd
Published
2025-09-15 15:15
Modified
2025-09-15 15:22
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid potential memory corruption in __update_iostat_latency()
Add iotype sanity check to avoid potential memory corruption.
This is to fix the compile error below:
fs/f2fs/iostat.c:231 __update_iostat_latency() error: buffer overflow
'io_lat->peak_lat[type]' 3 <= 3
vim +228 fs/f2fs/iostat.c
211 static inline void __update_iostat_latency(struct bio_iostat_ctx
*iostat_ctx,
212 enum iostat_lat_type type)
213 {
214 unsigned long ts_diff;
215 unsigned int page_type = iostat_ctx->type;
216 struct f2fs_sb_info *sbi = iostat_ctx->sbi;
217 struct iostat_lat_info *io_lat = sbi->iostat_io_lat;
218 unsigned long flags;
219
220 if (!sbi->iostat_enable)
221 return;
222
223 ts_diff = jiffies - iostat_ctx->submit_ts;
224 if (page_type >= META_FLUSH)
^^^^^^^^^^
225 page_type = META;
226
227 spin_lock_irqsave(&sbi->iostat_lat_lock, flags);
@228 io_lat->sum_lat[type][page_type] += ts_diff;
^^^^^^^^^
Mixup between META_FLUSH and NR_PAGE_TYPE leads to memory corruption.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid potential memory corruption in __update_iostat_latency()\n\nAdd iotype sanity check to avoid potential memory corruption.\nThis is to fix the compile error below:\n\nfs/f2fs/iostat.c:231 __update_iostat_latency() error: buffer overflow\n\u0027io_lat-\u003epeak_lat[type]\u0027 3 \u003c= 3\n\nvim +228 fs/f2fs/iostat.c\n\n 211 static inline void __update_iostat_latency(struct bio_iostat_ctx\n\t*iostat_ctx,\n 212\t\t\t\t\tenum iostat_lat_type type)\n 213 {\n 214\t\tunsigned long ts_diff;\n 215\t\tunsigned int page_type = iostat_ctx-\u003etype;\n 216\t\tstruct f2fs_sb_info *sbi = iostat_ctx-\u003esbi;\n 217\t\tstruct iostat_lat_info *io_lat = sbi-\u003eiostat_io_lat;\n 218\t\tunsigned long flags;\n 219\n 220\t\tif (!sbi-\u003eiostat_enable)\n 221\t\t\treturn;\n 222\n 223\t\tts_diff = jiffies - iostat_ctx-\u003esubmit_ts;\n 224\t\tif (page_type \u003e= META_FLUSH)\n ^^^^^^^^^^\n\n 225\t\t\tpage_type = META;\n 226\n 227\t\tspin_lock_irqsave(\u0026sbi-\u003eiostat_lat_lock, flags);\n @228\t\tio_lat-\u003esum_lat[type][page_type] += ts_diff;\n ^^^^^^^^^\nMixup between META_FLUSH and NR_PAGE_TYPE leads to memory corruption."
}
],
"id": "CVE-2023-53214",
"lastModified": "2025-09-15T15:22:27.090",
"metrics": {},
"published": "2025-09-15T15:15:48.027",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/0dbbf0fb38d5ec5d4138d1aeaeb43d9217b9a592"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/20b4f3de0f3932f71b4a8daf0671e517a8d98022"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/22ddbbff116ee7dce5431feb1c0f36a507d2d68d"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/aa4d726af72a21732ce120484e0b1240674a13b3"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…