CVE-2023-53163
- Source
- https://cve.org/CVERecord?id=CVE-2023-53163
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53163.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53163
- Downstream
- Published
- 2025-09-15T14:03:33.777Z
- Modified
- 2026-03-12T03:28:04.151070Z
- Summary
- fs/ntfs3: don't hold ni_lock when calling truncate_setsize()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: don't hold nilock when calling truncatesetsize()
syzbot is reporting hung task at douseraddrfault() [1], for there is a silent deadlock between PGlocked bit and ni_lock lock.
Since filemapupdatepage() calls filemapreadfolio() after calling foliotrylock() which will set PGlocked bit, ntfstruncate() must not call truncatesetsize() which will wait for PGlocked bit to be cleared when holding nilock lock.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53163.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0226635c304cfd5c9db9b78c259cb713819b057e
- https://git.kernel.org/stable/c/6bb6b1c6b0c31e36736b87a39dd1cbbd9d5ec22f
- https://git.kernel.org/stable/c/73fee7e1e5ea11b51c51c46e0577a197ca3602cf
- https://git.kernel.org/stable/c/8414983c2e649364d8af29080a0869266b31abb6
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53163.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53163
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced4342306f0f0d5ff4315a204d315c1b51b914fca5Fixed8414983c2e649364d8af29080a0869266b31abb6Fixed6bb6b1c6b0c31e36736b87a39dd1cbbd9d5ec22fFixed73fee7e1e5ea11b51c51c46e0577a197ca3602cfFixed0226635c304cfd5c9db9b78c259cb713819b057e