CVE-2023-53091

When mounting a crafted ext4 image, sjournalinum may change after journal replay, which is obviously unreasonable because we have successfully loaded and replayed the journal through the old sjournalinum. And the new sjournalinum bypasses some of the checks in ext4getjournal(), which may trigger a null pointer dereference problem. So if sjournalinum changes after the journal replay, we ignore the change, and rewrite the current journal_inum to the superblock.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53091.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

345c0dbf3a30872d9b204db96b5857cd00808cae

Fixed

499fef2030fb754c68b1c7cb3a799a3bc1d0d925

Fixed

70e66bdeae4d0f7c8e87762f425b68aedd5e8955

Fixed

ee0c5277d4fab920bd31345c49e193ecede9ecef

Fixed

3039d8b8692408438a618fac2776b629852663c3

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

51890201da4d654f6ca131bc45a0e892bb10de1d

Last affected

7eff961ca9f364be255d279346517ba0158ec8e3

Last affected

a9855260fe8d8680bf8c4f0d8303b696c861e99b

Last affected

795762468125a6412c089651e74f780bee154118

Last affected

2fd4629de51974002f4e9cf1a35a1926dd6c9d99

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53091.json"