CVE-2023-53323

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc2-xfstests-00056-g131086faa369 #139

Description A flaw exists in the Linux kernel related to the ext2/dax subsystem. Specifically, the ext2 setsize function does not handle page-aligned lengths correctly, leading to a bug when used with Direct Access (DAX) enabled on a pmem device. The PAGE ALIGN(x) macro can return an incorrect value when x is already page-aligned, causing a zero length to be passed to ->iomap begin(), which then triggers a bug in ext2 get blocks(). This issue can be triggered by creating a file, and then truncating it to zero size.

Recommendations Update to Linux kernel version 6.3.0-rc2-xfstests-00056-g131086faa369 #139 or a later version to resolve this issue.

Exploit

Fix

Assertion Failure

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617CWE-120

Related Identifiers

AZL-71885

BDU:2026-02368

CVE-2023-53323

SUSE-SU-2025:03600-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Astra Linux

Linux Kernel

Suse

CVE-2023-53323

Weakness Enumeration

Related Identifiers

Affected Products

References · 1408