fkie_cve-2023-53506
Vulnerability from fkie_nvd
Published
2025-10-01 12:15
Modified
2025-10-02 19:11
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: udf: Do not bother merging very long extents When merging very long extents we try to push as much length as possible to the first extent. However this is unnecessarily complicated and not really worth the trouble. Furthermore there was a bug in the logic resulting in corrupting extents in the file as syzbot reproducer shows. So just don't bother with the merging of extents that are too long together.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Do not bother merging very long extents\n\nWhen merging very long extents we try to push as much length as possible\nto the first extent. However this is unnecessarily complicated and not\nreally worth the trouble. Furthermore there was a bug in the logic\nresulting in corrupting extents in the file as syzbot reproducer shows.\nSo just don\u0027t bother with the merging of extents that are too long\ntogether."
    }
  ],
  "id": "CVE-2023-53506",
  "lastModified": "2025-10-02T19:11:46.753",
  "metrics": {},
  "published": "2025-10-01T12:15:54.320",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.