{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53081", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-05-02T15:51:43.549Z", "datePublished": "2025-05-02T15:55:30.453Z", "dateUpdated": "2025-05-04T12:50:20.030Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:50:20.030Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after failed write\n\nWhen buffered write fails to copy data into underlying page cache page,\nocfs2_write_end_nolock() just zeroes out and dirties the page. This can\nleave dirty page beyond EOF and if page writeback tries to write this page\nbefore write succeeds and expands i_size, page gets into inconsistent\nstate where page dirty bit is clear but buffer dirty bits stay set\nresulting in page data never getting written and so data copied to the\npage is lost. Fix the problem by invalidating page beyond EOF after\nfailed write."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ocfs2/aops.c"], "versions": [{"version": "7ed80e77c908cbaa686529a49f8ae0060c5caee7", "lessThan": "1629f6f522b2d058019710466a84b240683bbee3", "status": "affected", "versionType": "git"}, {"version": "7ce2b16bad2cbfa3fa7bbc42c4448914f639ca47", "lessThan": "c26f3ff4c0be590c1250f945ac2e4fc5fcdc5f45", "status": "affected", "versionType": "git"}, {"version": "f8a6a2ed4b7d1c3c8631eeb6d00572bc853094a8", "lessThan": "4c24eb49ab44351424ac8fe8567f91ea48a06089", "status": "affected", "versionType": "git"}, {"version": "6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b", "lessThan": "91d7a4bd5656552d6259e2d0f8859f9e8cc5ef68", "status": "affected", "versionType": "git"}, {"version": "6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b", "lessThan": "a9e53869cb43c96d6d851c491fd4e26430ab6ba6", "status": "affected", "versionType": "git"}, {"version": "6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b", "lessThan": "47eb055ad3588fc96d34e9e1dd87b210ce62906b", "status": "affected", "versionType": "git"}, {"version": "6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b", "lessThan": "205759c6c18f54659b0b5976b14a52d1b3eb9f57", "status": "affected", "versionType": "git"}, {"version": "6dbf7bb555981fb5faf7b691e8f6169fc2b2e63b", "lessThan": "90410bcf873cf05f54a32183afff0161f44f9715", "status": "affected", "versionType": "git"}, {"version": "acef5107e2eacb08a16ad5db60320d65bd26a6c0", "status": "affected", "versionType": "git"}, {"version": "36ed9e604215f58cec0381ca5fcc6da05f2d87ca", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ocfs2/aops.c"], "versions": [{"version": "5.10", "status": "affected"}, {"version": "0", "lessThan": "5.10", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.312", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.280", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.240", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.177", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.105", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.21", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.8", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.204", "versionEndExcluding": "4.14.312"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.155", "versionEndExcluding": "4.19.280"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.75", "versionEndExcluding": "5.4.240"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.10.177"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "5.15.105"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.1.21"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.2.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10", "versionEndExcluding": "6.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9.242"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.9.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/1629f6f522b2d058019710466a84b240683bbee3"}, {"url": "https://git.kernel.org/stable/c/c26f3ff4c0be590c1250f945ac2e4fc5fcdc5f45"}, {"url": "https://git.kernel.org/stable/c/4c24eb49ab44351424ac8fe8567f91ea48a06089"}, {"url": "https://git.kernel.org/stable/c/91d7a4bd5656552d6259e2d0f8859f9e8cc5ef68"}, {"url": "https://git.kernel.org/stable/c/a9e53869cb43c96d6d851c491fd4e26430ab6ba6"}, {"url": "https://git.kernel.org/stable/c/47eb055ad3588fc96d34e9e1dd87b210ce62906b"}, {"url": "https://git.kernel.org/stable/c/205759c6c18f54659b0b5976b14a52d1b3eb9f57"}, {"url": "https://git.kernel.org/stable/c/90410bcf873cf05f54a32183afff0161f44f9715"}], "title": "ocfs2: fix data corruption after failed write", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix data corruption after failed write\n\nWhen buffered write fails to copy data into underlying page cache page,\nocfs2_write_end_nolock() just zeroes out and dirties the page. This can\nleave dirty page beyond EOF and if page writeback tries to write this page\nbefore write succeeds and expands i_size, page gets into inconsistent\nstate where page dirty bit is clear but buffer dirty bits stay set\nresulting in page data never getting written and so data copied to the\npage is lost. Fix the problem by invalidating page beyond EOF after\nfailed write."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ocfs2: se corrige la corrupci\u00f3n de datos tras una escritura fallida. Cuando una escritura en b\u00fafer no copia los datos en la p\u00e1gina de cach\u00e9 de la p\u00e1gina subyacente, ocfs2_write_end_nolock() simplemente pone a cero y contamina la p\u00e1gina. Esto puede dejar una p\u00e1gina contaminada m\u00e1s all\u00e1 del EOF. Si la escritura diferida intenta escribir en esta p\u00e1gina antes de que la escritura tenga \u00e9xito y expande i_size, la p\u00e1gina entra en un estado inconsistente donde el bit de p\u00e1gina contaminada se borra, pero los bits de b\u00fafer contaminados permanecen activos, lo que resulta en que los datos de la p\u00e1gina nunca se escriban y, por lo tanto, se pierdan los datos copiados. Se soluciona el problema invalidando la p\u00e1gina m\u00e1s all\u00e1 del EOF tras una escritura fallida."}], "id": "CVE-2023-53081", "lastModified": "2025-05-05T20:54:45.973", "metrics": {}, "published": "2025-05-02T16:15:27.117", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1629f6f522b2d058019710466a84b240683bbee3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/205759c6c18f54659b0b5976b14a52d1b3eb9f57"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/47eb055ad3588fc96d34e9e1dd87b210ce62906b"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/4c24eb49ab44351424ac8fe8567f91ea48a06089"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/90410bcf873cf05f54a32183afff0161f44f9715"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/91d7a4bd5656552d6259e2d0f8859f9e8cc5ef68"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a9e53869cb43c96d6d851c491fd4e26430ab6ba6"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c26f3ff4c0be590c1250f945ac2e4fc5fcdc5f45"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: ocfs2: fix data corruption after failed write", "id": "2363702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363702"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nocfs2: fix data corruption after failed write\nWhen buffered write fails to copy data into underlying page cache page,\nocfs2_write_end_nolock() just zeroes out and dirties the page. This can\nleave dirty page beyond EOF and if page writeback tries to write this page\nbefore write succeeds and expands i_size, page gets into inconsistent\nstate where page dirty bit is clear but buffer dirty bits stay set\nresulting in page data never getting written and so data copied to the\npage is lost. Fix the problem by invalidating page beyond EOF after\nfailed write."], "name": "CVE-2023-53081", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53081\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53081\nhttps://lore.kernel.org/linux-cve-announce/2025050217-CVE-2023-53081-f8a2@gregkh/T"], "threat_severity": "Moderate"}