CVE-2023-54196

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the NTFS3 file system implementation. A NULL pointer dereference can occur in the ni write inode function when handling inode eviction, specifically when ni->mi.mrec is NULL. This issue was discovered through Syzbot fuzzing and can lead to a kernel panic. The root cause is a failure to allocate memory during inode initialization (mi init), resulting in a NULL mi->mrec pointer, which is subsequently dereferenced in is rec inuse.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.