vulnerability
Ubuntu: (CVE-2023-54119): linux vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | Dec 24, 2025 | Jan 6, 2026 | Jan 6, 2026 |
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Dec 24, 2025
Added
Jan 6, 2026
Modified
Jan 6, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 and reports this value to userspace which can confuse the inotify listener. Avoid the problem by validating that wd is sensible (and pretend the mark got removed before the event got generated otherwise).
Solutions
ubuntu-upgrade-linuxubuntu-upgrade-linux-awsubuntu-upgrade-linux-aws-5-15ubuntu-upgrade-linux-aws-5-4ubuntu-upgrade-linux-aws-fipsubuntu-upgrade-linux-azureubuntu-upgrade-linux-azure-5-15ubuntu-upgrade-linux-azure-5-4ubuntu-upgrade-linux-azure-fipsubuntu-upgrade-linux-bluefieldubuntu-upgrade-linux-fipsubuntu-upgrade-linux-gcpubuntu-upgrade-linux-gcp-5-15ubuntu-upgrade-linux-gcp-5-4ubuntu-upgrade-linux-gcp-fipsubuntu-upgrade-linux-gkeubuntu-upgrade-linux-gkeopubuntu-upgrade-linux-hwe-5-15ubuntu-upgrade-linux-hwe-5-4ubuntu-upgrade-linux-ibmubuntu-upgrade-linux-ibm-5-15ubuntu-upgrade-linux-ibm-5-4ubuntu-upgrade-linux-intel-iot-realtimeubuntu-upgrade-linux-intel-iotgubuntu-upgrade-linux-intel-iotg-5-15ubuntu-upgrade-linux-iotubuntu-upgrade-linux-kvmubuntu-upgrade-linux-lowlatencyubuntu-upgrade-linux-lowlatency-hwe-5-15ubuntu-upgrade-linux-nvidiaubuntu-upgrade-linux-nvidia-tegraubuntu-upgrade-linux-nvidia-tegra-5-15ubuntu-upgrade-linux-nvidia-tegra-igxubuntu-upgrade-linux-oracleubuntu-upgrade-linux-oracle-5-15ubuntu-upgrade-linux-oracle-5-4ubuntu-upgrade-linux-raspiubuntu-upgrade-linux-raspi-5-4ubuntu-upgrade-linux-realtimeubuntu-upgrade-linux-riscv-5-15ubuntu-upgrade-linux-xilinx-zynqmp
References
- CVE-2023-54119
- https://attackerkb.com/topics/CVE-2023-54119
- URL-https://git.kernel.org/stable/c/145f54ea336b06cf4f92eeee996f2ffca939ea43
- URL-https://git.kernel.org/stable/c/17ad86d8c12220de97e80d88b5b4c934a40e1812
- URL-https://git.kernel.org/stable/c/2d65c97777e5b4a845637800d5d7b648f5772106
- URL-https://git.kernel.org/stable/c/8fb33166aed888769ea63d6af49515893f8a1f14
- URL-https://git.kernel.org/stable/c/a48bacee05860c6089c3482bcdc80720b0ee5732
- URL-https://git.kernel.org/stable/c/c915d8f5918bea7c3962b09b8884ca128bfd9b0c
- URL-https://git.kernel.org/stable/c/fb3294998489d39835006240e9c6e6b2ac62022e
- URL-https://www.cve.org/CVERecord?id=CVE-2023-54119
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.