| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100706-CVE-2023-53672-cfad@gregkh> Date: Tue, 7 Oct 2025 17:21:31 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53672: btrfs: output extra debug info if we failed to find an inline backref From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref [BUG] Syzbot reported several warning triggered inside lookup_inline_extent_backref(). [CAUSE] As usual, the reproducer doesn't reliably trigger locally here, but at least we know the WARN_ON() is triggered when an inline backref can not be found, and it can only be triggered when @insert is true. (I.e. inserting a new inline backref, which means the backref should already exist) [ENHANCEMENT] After the WARN_ON(), dump all the parameters and the extent tree leaf to help debug. The Linux kernel CVE team has assigned CVE-2023-53672 to this issue. Affected and fixed versions =========================== Fixed in 4.14.326 with commit 376b41524b71e494514720bd6114325b0a2ed19c Fixed in 4.19.295 with commit 400e08a16604b534fdd82c5a288fa150d04f5f79 Fixed in 5.4.257 with commit 7afbfde45d665953b4d5a42a721e15bf0315d89b Fixed in 5.10.197 with commit b7c3cf2f6c42e6688b1c37215a0b1663f982f915 Fixed in 5.15.133 with commit 6994f806c6d1ae8b59344d3700358547f3b3fe1d Fixed in 6.1.55 with commit 28062cd6eda04035d8f6ded2001292ac8b496149 Fixed in 6.5.5 with commit e70ba449b04b40584bdabb383d10455397cbf177 Fixed in 6.6 with commit 7f72f50547b7af4ddf985b07fc56600a4deba281 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53672 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: fs/btrfs/extent-tree.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/376b41524b71e494514720bd6114325b0a2ed19c https://git.kernel.org/stable/c/400e08a16604b534fdd82c5a288fa150d04f5f79 https://git.kernel.org/stable/c/7afbfde45d665953b4d5a42a721e15bf0315d89b https://git.kernel.org/stable/c/b7c3cf2f6c42e6688b1c37215a0b1663f982f915 https://git.kernel.org/stable/c/6994f806c6d1ae8b59344d3700358547f3b3fe1d https://git.kernel.org/stable/c/28062cd6eda04035d8f6ded2001292ac8b496149 https://git.kernel.org/stable/c/e70ba449b04b40584bdabb383d10455397cbf177 https://git.kernel.org/stable/c/7f72f50547b7af4ddf985b07fc56600a4deba281
Powered by blists - more mailing lists