vulnerability
Ubuntu: (CVE-2023-54063): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:L/Au:S/C:C/I:N/A:C) | Dec 24, 2025 | Jan 6, 2026 | Jan 6, 2026 |
Description
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix OOB read in indx_insert_into_buffer Syzbot reported a OOB read bug: BUG: KASAN: slab-out-of-bounds in indx_insert_into_buffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755 Read of size 17168 at addr ffff8880255e06c0 by task syz-executor308/3630 Call Trace: <TASK> memmove+0x25/0x60 mm/kasan/shadow.c:54 indx_insert_into_buffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755 indx_insert_entry+0x446/0x6b0 fs/ntfs3/index.c:1863 ntfs_create_inode+0x1d3f/0x35c0 fs/ntfs3/inode.c:1548 ntfs_create+0x3e/0x60 fs/ntfs3/namei.c:100 lookup_open fs/namei.c:3413 [inline] If the member struct INDEX_BUFFER *index of struct indx_node is incorrect, that is, the value of __le32 used is greater than the value of __le32 total in struct INDEX_HDR. Therefore, OOB read occurs when memmove is called in indx_insert_into_buffer(). Fix this by adding a check in hdr_find_e().
Solutions
References
- CVE-2023-54063
- https://attackerkb.com/topics/CVE-2023-54063
- URL-https://git.kernel.org/stable/c/17048287ac79abd33b275ac3b5738285d406481b
- URL-https://git.kernel.org/stable/c/4bf3b564e27a518f158a83d5e1a50064ed6136a0
- URL-https://git.kernel.org/stable/c/a7e5dba10ba1402dd6c2f961a70320770865c4a5
- URL-https://git.kernel.org/stable/c/b8c44949044e5f7f864525fdffe8e95135ce9ce5
- URL-https://git.kernel.org/stable/c/cd7e1d67924081717c5c96ead758a1a77867689a
- URL-https://www.cve.org/CVERecord?id=CVE-2023-54063
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.