PT-2025-37558 · Ntfs3+4

Published: 2023-01-01 · Updated: 2026-04-17 · CVE-2023-53194

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.0.0-rc7

Description

A use-after-free vulnerability exists in the Linux kernel's NTFS3 filesystem, specifically within the indx_get_root function. The vulnerability is due to a missing length check, which can potentially result in improper index root retrieval. This can lead to a kernel crash, as demonstrated by KASAN reports.

Recommendations

Update to a newer version of the Linux kernel that contains a fix for this vulnerability. As a temporary workaround, consider disabling the use of the NTFS3 filesystem if possible.
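
To check whether the temporary workaround applies on a host, the following shell functions report whether ntfs3 is mounted, loaded, or already blocked through modprobe configuration. This is an added example, not part of the original advisory; the function names, status words and the configuration file name are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: triage a host for the NTFS3 workaround. Paths are parameters
# so the functions can run against copies of the files as well as a live host.

# True if the ntfs3 module appears in a /proc/modules-format file.
ntfs3_loaded() {
    grep -q '^ntfs3 ' "${1:-/proc/modules}" 2>/dev/null
}

# Print mount points whose filesystem type (3rd field of /proc/mounts) is ntfs3.
ntfs3_mounts() {
    [ -r "${1:-/proc/mounts}" ] || return 0
    awk '$3 == "ntfs3" { print $2 }' "${1:-/proc/mounts}"
}

# True if a modprobe.d directory holds an "install ntfs3 /bin/false" (or
# /bin/true) rule, which makes modprobe run that command instead of loading.
ntfs3_blocked() {
    grep -Eqs '^[[:space:]]*install[[:space:]]+ntfs3[[:space:]]+/bin/(false|true)' \
        "${1:-/etc/modprobe.d}"/*.conf
}

# Summarise in priority order: mounted > loaded > blocked > unblocked.
# "unblocked" only means no install rule was found; it does not tell whether
# ntfs3 is built into the kernel or absent from this kernel build.
ntfs3_status() {
    modules=${1:-/proc/modules} mounts=${2:-/proc/mounts} confdir=${3:-/etc/modprobe.d}
    if [ -n "$(ntfs3_mounts "$mounts")" ]; then
        echo "mounted"      # ntfs3 volumes in use: unmount before unloading
    elif ntfs3_loaded "$modules"; then
        echo "loaded"       # module resident but no ntfs3 mounts
    elif ntfs3_blocked "$confdir"; then
        echo "blocked"      # workaround in place
    else
        echo "unblocked"    # no rule prevents modprobe from loading ntfs3
    fi
}

# Workaround rule, e.g. in /etc/modprobe.d/disable-ntfs3.conf (hypothetical name):
#   install ntfs3 /bin/false
echo "ntfs3 status on this host: $(ntfs3_status)"
```

The install rule only affects loading through modprobe; a kernel with ntfs3 compiled in needs the updated kernel instead.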

Exploit

Fix

Use After Free

Weakness Enumeration

Related Identifiers

CVE-2023-53194
OESA-2026-1950

Affected Products

Astra Linux
Debian
Linux Kernel
Ntfs3
Red Os