CVE-2023-53172

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the fsverity functionality. A change introduced by commit 56124d6c87fd, intended to support enabling fsverity with smaller tree block sizes, inadvertently made a warning condition reachable through fuzz testing. Specifically, calling FS IOC ENABLE VERITY on a file descriptor opened with ioctl-only access (mode 3) triggers this issue. The documentation for FS IOC ENABLE VERITY specifies that it requires O RDONLY access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.