PT-2025-53060 · Linux+1 · Linux Kernel+1
Published
2023-05-13
·
Updated
2025-12-26
·
CVE-2023-54062
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
A flaw exists in the Linux kernel’s ext4 file system related to extended attribute handling. Specifically, the
ext4 xattr move to block() function contains an issue where memory could be improperly freed or leaked. This occurs because the code attempts to free or not free a memory region based on an invalid pointer after the memory region has been moved. The function ext4 xattr move to block() is affected. The issue arises when handling extended attributes allocated via kvmalloc().Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Allocation of Resources Without Limits
Improper Resource Release
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linux Kernel
Ext4