PT-2025-49637 · Linux · Linux Kernel
Published 2025-12-09 · Updated 2026-03-24 · CVE-2023-53777
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The EROFS implementation in the Linux kernel contains a flaw in which hooked chains can form loops on deduplicated compressed images. This can occur when two chains link to each other simultaneously, which results in a lock and prevents file pages from being unlocked. The issue is observed specifically on data-deduplicated compressed images and can be triggered by heavily stressing EROFS with crafted images. The root cause is the lockless linking of hooked chains, which leads to a race condition. The fix disables hooked chains to avoid the race condition until a more robust solution is developed.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Related Identifiers
Affected Products
Linux Kernel