CVE-2023-54127

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the JFS filesystem implementation. Specifically, a double-free issue can occur in the dbUnmount() function after a failed jfs remount() operation. This is due to the JFS SBI(ipbmap->i sb)->bmap not being set to NULL after being freed, leading to a double-free when jfs umount() or jfs remount() is subsequently called. Syzkaller, a fuzzing tool, identified this issue and can reproduce it using fault injection. The problem arises when either diMount() or dbMount() fails during jfs remount(), as diUnmount() or dbUnmount() may have already executed, resulting in a double-free on the next execution of jfs umount() or jfs remount().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

BDU:2026-01213

CVE-2023-54127

SUSE-SU-2026:0263-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Linux Kernel

CVE-2023-54127

Weakness Enumeration

Related Identifiers

Affected Products

References · 2190