PT-2025-40193 · Ntfs3+3

Published 2022-10-27 · Updated 2026-03-14 · CVE-2023-53486

CVSS v3.1: 7.1 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.0.0-rc7+

Description

The Linux kernel contains an issue within the NTFS3 file system implementation. Specifically, the attribute size check has been enhanced to combine overflow and boundary checks, addressing a potential flaw in how attribute sizes are examined during enumeration. This enhancement resolves a kernel bug identified through KASAN (Kernel Address Sanitizer) testing, which detected a slab-out-of-bounds read during the run unpack function. The issue was triggered during mount operations and involved accessing memory outside the allocated buffer. The root cause is related to improper handling of attribute sizes, potentially leading to information disclosure or system instability.

Recommendations

Update to a version newer than 6.0.0-rc7+ to address this issue.
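
The description says the fix combines the overflow and boundary checks applied to each attribute size during enumeration. As an added illustration (not the kernel's ntfs3 code; the `attr_hdr` layout, the function names and the sample buffer are hypothetical and constructed for this example), the C below contrasts a size check whose 32-bit sum can wrap with a combined check, then walks a record list using the combined form.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical record header for illustration; not the ntfs3 on-disk layout. */
struct attr_hdr { uint32_t type; uint32_t size; }; /* size includes the header */
#define ATTR_END 0xFFFFFFFFu                       /* type that ends the list */

/* Weak form: the 32-bit sum wraps, so a huge size slips under the limit. */
static int attr_ok_weak(uint32_t off, uint32_t size, uint32_t used)
{ return off + size <= used; }

/* Combined form: overflow and boundary are decided by one subtraction. */
static int attr_ok(uint32_t off, uint32_t size, uint32_t used)
{
    if (off > used || size < sizeof(struct attr_hdr))
        return 0;               /* bad offset, or too small to advance */
    return size <= used - off;  /* cannot wrap because off <= used */
}

/* Enumerate records in buf[0..used); return the count, or -1 if malformed. */
static int count_attrs(const uint8_t *buf, uint32_t used)
{
    struct attr_hdr h;
    uint32_t off = 0;
    for (int n = 0;; off += h.size, n++) {
        if (used - off < sizeof(h))
            return -1;          /* no room left for a header */
        memcpy(&h, buf + off, sizeof(h));
        if (h.type == ATTR_END)
            return n;
        if (!attr_ok(off, h.size, used))
            return -1;
    }
}

/* Constructed sample: two records and an end marker in a 48-byte buffer. */
static int sample_count(uint32_t second_size)
{
    uint8_t buf[48] = {0};
    struct attr_hdr a = {0x10, 16}, b = {0x30, second_size}, e = {ATTR_END, 0};
    memcpy(buf, &a, sizeof(a));
    memcpy(buf + 16, &b, sizeof(b));
    memcpy(buf + 40, &e, sizeof(e));
    return count_attrs(buf, sizeof(buf));
}

int main(void)
{ return !(attr_ok_weak(16, 0xFFFFFFF8u, 48) && sample_count(0xFFFFFFF8u) == -1); }
```

With offset 16 and size 0xFFFFFFF8 the weak sum wraps to 8 and passes, while the combined check compares the size against the 32 bytes that remain and rejects the record.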

Exploit

Fix

Out of bounds Read


Weakness Enumeration

Related Identifiers

BDU:2025-16315
CVE-2023-53486

Affected Products

Astra Linux
Debian
Linux Kernel
Ntfs3