CVE-2023-54180

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.0.10-2 Description The Linux kernel contained a flaw within the btrfs subsystem related to handling device replacement during repair operations. Specifically, a bug report indicated a kernel panic (BUG ON()) triggered when replacing an unreliable disk. This occurred because the code attempted to write back repaired sectors to the failed device during a dev-replace operation, leading to a mismatch in mirror numbers. The issue stemmed from modifications to the bioc->mirror num within the btrfs map block() function during device replacement, causing the BUG ON() check to fail. The root cause was attempting repair operations on a device that was still undergoing replacement, where the expected data hadn't yet been written. Recommendations Update to Linux kernel version 6.0.10-2 or later.