CVE-2023-53137
Linux Kernel Ext4 Directory Corruption Vulnerability
Description
In the Linux kernel, the following vulnerability has been resolved: ext4: Fix possible corruption when moving a directory When we are renaming a directory to a different directory, we need to update '..' entry in the moved directory. However nothing prevents moved directory from being modified and even converted from the inline format to the normal format. When such race happens the rename code gets confused and we crash. Fix the problem by locking the moved directory.
INFO
Published Date :
May 2, 2025, 4:15 p.m.
Last Modified :
May 2, 2025, 4:15 p.m.
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Remotely Exploitable :
No
Impact Score :
Exploitability Score :
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2023-53137.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-53137 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2023-53137 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 02, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: ext4: Fix possible corruption when moving a directory When we are renaming a directory to a different directory, we need to update '..' entry in the moved directory. However nothing prevents moved directory from being modified and even converted from the inline format to the normal format. When such race happens the rename code gets confused and we crash. Fix the problem by locking the moved directory. Added Reference https://git.kernel.org/stable/c/0813299c586b175d7edb25f56412c54b812d0379 Added Reference https://git.kernel.org/stable/c/0c440f14558bfacd22c6935ae1fd4b2a09e96b5d Added Reference https://git.kernel.org/stable/c/291cd19d107e197306869cb3237c1bba62d13182 Added Reference https://git.kernel.org/stable/c/8dac5a63cf79707b547ea3d425fead5f4482198f Added Reference https://git.kernel.org/stable/c/b0bb13612292ca90fa4c2a7e425375649bc50d3e Added Reference https://git.kernel.org/stable/c/c50fc503ee1b97f12c98e26afc39fdaebebcf04f
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2023-53137 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2023-53137
weaknesses.