CVE-2023-53440

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The nilfs2 sysfs support in the Linux kernel has issues with the timing of creation and deletion of sysfs entries. This can lead to null pointer dereferences, use-after-free conditions, and lockdep warnings. Specifically, sysfs attributes for nilfs2 per-filesystem instances may refer to metadata files before their inodes are loaded, or be accessed after the metadata file inodes are released. Additionally, the creation of sysfs entries can occur during a semaphore lock, potentially causing lock dependencies and false positive lockdep warnings. The issue is resolved by revising when the device's sysfs interface is created and deleted, ensuring its lifetime is within the lifetime of the metadata files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.