Wind River Support Network

HomeDefectsLIN1023-17263
Fixed

LIN1023-17263 : Security Advisory - linux - CVE-2023-53829

Created: Dec 10, 2025    Updated: Dec 11, 2025
Resolved Date: Dec 10, 2025
Found In Version: 10.23.30.1
Fix Version: 10.23.30.3
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

In the Linux kernel, the following vulnerability has been resolved:[EOL][EOL]f2fs: flush inode if atomic file is aborted[EOL][EOL]Let's flush the inode being aborted atomic operation to avoid stale dirty[EOL]inode during eviction in this call stack:[EOL][EOL]  f2fs_mark_inode_dirty_sync+0x22/0x40 [f2fs][EOL]  f2fs_abort_atomic_write+0xc4/0xf0 [f2fs][EOL]  f2fs_evict_inode+0x3f/0x690 [f2fs][EOL]  ? sugov_start+0x140/0x140[EOL]  evict+0xc3/0x1c0[EOL]  evict_inodes+0x17b/0x210[EOL]  generic_shutdown_super+0x32/0x120[EOL]  kill_block_super+0x21/0x50[EOL]  deactivate_locked_super+0x31/0x90[EOL]  cleanup_mnt+0x100/0x160[EOL]  task_work_run+0x59/0x90[EOL]  do_exit+0x33b/0xa50[EOL]  do_group_exit+0x2d/0x80[EOL]  __x64_sys_exit_group+0x14/0x20[EOL]  do_syscall_64+0x3b/0x90[EOL]  entry_SYSCALL_64_after_hwframe+0x63/0xcd[EOL][EOL]This triggers f2fs_bug_on() in f2fs_evict_inode:[EOL] f2fs_bug_on(sbi, is_inode_flag_set(inode, FI_DIRTY_INODE));[EOL][EOL]This fixes the syzbot report:[EOL][EOL]loop0: detected capacity change from 0 to 131072[EOL]F2FS-fs (loop0): invalid crc value[EOL]F2FS-fs (loop0): Found nat_bits in checkpoint[EOL]F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4[EOL]------------[ cut here ]------------[EOL]kernel BUG at fs/f2fs/inode.c:869![EOL]invalid opcode: 0000 [#1] PREEMPT SMP KASAN[EOL]CPU: 0 PID: 5014 Comm: syz-executor220 Not tainted 6.4.0-syzkaller-11479-g6cd06ab12d1a #0[EOL]Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023[EOL]RIP: 0010:f2fs_evict_inode+0x172d/0x1e00 fs/f2fs/inode.c:869[EOL]Code: ff df 48 c1 ea 03 80 3c 02 00 0f 85 6a 06 00 00 8b 75 40 ba 01 00 00 00 4c 89 e7 e8 6d ce 06 00 e9 aa fc ff ff e8 63 22 e2 fd <0f> 0b e8 5c 22 e2 fd 48 c7 c0 a8 3a 18 8d 48 ba 00 00 00 00 00 fc[EOL]RSP: 0018:ffffc90003a6fa00 EFLAGS: 00010293[EOL]RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000[EOL]RDX: ffff8880273b8000 RSI: ffffffff83a2bd0d RDI: 0000000000000007[EOL]RBP: ffff888077db91b0 R08: 0000000000000007 R09: 0000000000000000[EOL]R10: 0000000000000001 R11: 0000000000000001 R12: ffff888029a3c000[EOL]R13: ffff888077db9660 R14: ffff888029a3c0b8 R15: ffff888077db9c50[EOL]FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000[EOL]CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033[EOL]CR2: 00007f1909bb9000 CR3: 00000000276a9000 CR4: 0000000000350ef0[EOL]Call Trace:[EOL] <TASK>[EOL] evict+0x2ed/0x6b0 fs/inode.c:665[EOL] dispose_list+0x117/0x1e0 fs/inode.c:698[EOL] evict_inodes+0x345/0x440 fs/inode.c:748[EOL] generic_shutdown_super+0xaf/0x480 fs/super.c:478[EOL] kill_block_super+0x64/0xb0 fs/super.c:1417[EOL] kill_f2fs_super+0x2af/0x3c0 fs/f2fs/super.c:4704[EOL] deactivate_locked_super+0x98/0x160 fs/super.c:330[EOL] deactivate_super+0xb1/0xd0 fs/super.c:361[EOL] cleanup_mnt+0x2ae/0x3d0 fs/namespace.c:1254[EOL] task_work_run+0x16f/0x270 kernel/task_work.c:179[EOL] exit_task_work include/linux/task_work.h:38 [inline][EOL] do_exit+0xa9a/0x29a0 kernel/exit.c:874[EOL] do_group_exit+0xd4/0x2a0 kernel/exit.c:1024[EOL] __do_sys_exit_group kernel/exit.c:1035 [inline][EOL] __se_sys_exit_group kernel/exit.c:1033 [inline][EOL] __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1033[EOL] do_syscall_x64 arch/x86/entry/common.c:50 [inline][EOL] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80[EOL] entry_SYSCALL_64_after_hwframe+0x63/0xcd[EOL]RIP: 0033:0x7f309be71a09[EOL]Code: Unable to access opcode bytes at 0x7f309be719df.[EOL]RSP: 002b:00007fff171df518 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7[EOL]RAX: ffffffffffffffda RBX: 00007f309bef7330 RCX: 00007f309be71a09[EOL]RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001[EOL]RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 00007f309bef1e40[EOL]R10: 0000000000010600 R11: 0000000000000246 R12: 00007f309bef7330[EOL]R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001[EOL] </TASK>[EOL]Modules linked in:[EOL]---[ end trace 0000000000000000 ]---[EOL]RIP: 0010:f2fs_evict_inode+0x172d/0x1e00 fs/f2fs/inode.c:869[EOL]Code: ff df 48 c1 ea 03 80 3c 02 00 0f 85 6a 06 00 00 8b 75 40 ba 01 00 00 00 4c 89 e7 e8 6d ce 06 00 e9 aa fc ff ff e8 63 22 e2 fd <0f> 0b e8 5c 22 e2 fd 48 c7 c0 a8 3a 18 8d 48 ba 00 00 00 00 00 fc[EOL]RSP: 0018:ffffc90003a6fa00 EFLAGS: 00010293[EOL]RAX: 0000000000000000 RBX: 0000000000[EOL]---truncated---

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube