fkie_nvd - fkie_cve-2023-54285

fkie_cve-2023-54285

Vulnerability from fkie_nvd

Published

2025-12-30 13:16

Modified

2025-12-31 20:42

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: iomap: Fix possible overflow condition in iomap_write_delalloc_scan folio_next_index() returns an unsigned long value which left shifted by PAGE_SHIFT could possibly cause an overflow on 32-bit system. Instead use folio_pos(folio) + folio_size(folio), which does this correctly.

References

	URL	Tags
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/5c281b0c5d18c8eeb1cfd5023f4adb153e6d1240
	416baaa9-dc9f-4396-8d5f-8c081fb06d67	https://git.kernel.org/stable/c/eee2d2e6ea5550118170dbd5bb1316ceb38455fb

Impacted products

	Vendor	Product	Version

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: Fix possible overflow condition in iomap_write_delalloc_scan\n\nfolio_next_index() returns an unsigned long value which left shifted\nby PAGE_SHIFT could possibly cause an overflow on 32-bit system. Instead\nuse folio_pos(folio) + folio_size(folio), which does this correctly."
    }
  ],
  "id": "CVE-2023-54285",
  "lastModified": "2025-12-31T20:42:43.210",
  "metrics": {},
  "published": "2025-12-30T13:16:17.520",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/5c281b0c5d18c8eeb1cfd5023f4adb153e6d1240"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/eee2d2e6ea5550118170dbd5bb1316ceb38455fb"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}

CVE-2023-54285 (GCVE-0-2023-54285)

Vulnerability from cvelistv5

Published

2025-12-30 12:23

Modified

2025-12-30 12:23

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: iomap: Fix possible overflow condition in iomap_write_delalloc_scan folio_next_index() returns an unsigned long value which left shifted by PAGE_SHIFT could possibly cause an overflow on 32-bit system. Instead use folio_pos(folio) + folio_size(folio), which does this correctly.

References

URL

Tags

	https://git.kernel.org/stable/c/5c281b0c5d18c8eeb1cfd5023f4adb153e6d1240
	https://git.kernel.org/stable/c/eee2d2e6ea5550118170dbd5bb1316ceb38455fb

Impacted products

Vendor

Product

Version

Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Version: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Show details on NVD website

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/iomap/buffered-io.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "5c281b0c5d18c8eeb1cfd5023f4adb153e6d1240",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "eee2d2e6ea5550118170dbd5bb1316ceb38455fb",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/iomap/buffered-io.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: Fix possible overflow condition in iomap_write_delalloc_scan\n\nfolio_next_index() returns an unsigned long value which left shifted\nby PAGE_SHIFT could possibly cause an overflow on 32-bit system. Instead\nuse folio_pos(folio) + folio_size(folio), which does this correctly."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:23:25.770Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/5c281b0c5d18c8eeb1cfd5023f4adb153e6d1240"
        },
        {
          "url": "https://git.kernel.org/stable/c/eee2d2e6ea5550118170dbd5bb1316ceb38455fb"
        }
      ],
      "title": "iomap: Fix possible overflow condition in iomap_write_delalloc_scan",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54285",
    "datePublished": "2025-12-30T12:23:25.770Z",
    "dateReserved": "2025-12-30T12:06:44.526Z",
    "dateUpdated": "2025-12-30T12:23:25.770Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.