CVE-2023-53526
- Source
- https://cve.org/CVERecord?id=CVE-2023-53526
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53526.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53526
- Downstream
- Related
- Published
- 2025-10-01T11:46:11.862Z
- Modified
- 2026-03-20T12:33:13.298494Z
- Summary
- jbd2: check 'jh->b_transaction' before removing it from checkpoint
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
jbd2: check 'jh->b_transaction' before removing it from checkpoint
Following process will corrupt ext4 image: Step 1: jbd2journalcommit_transaction _jbd2journalinsertcheckpoint(jh, committransaction) // Put jh into trans1->tcheckpointlist journal->jcheckpointtransactions = committransaction // Put trans1 into journal->jcheckpointtransactions
Step 2: dogetwriteaccess testclearbufferdirty(bh) // clear buffer dirty,set jbd dirty _jbd2journalfilebuffer(jh, transaction) // jh belongs to trans2
Step 3: dropcache journalshrinkonecplist jbd2journaltryremovecheckpoint if (!trylockbuffer(bh)) // lock bh, true if (buffer_dirty(bh)) // buffer is not dirty _jbd2journalremovecheckpoint(jh) // remove jh from trans1->tcheckpointlist
Step 4: jbd2logdocheckpoint trans1 = journal->jcheckpointtransactions // jh is not in trans1->tcheckpointlist jbd2cleanupjournaltail(journal) // trans1 is done
Step 5: Power cut, trans2 is not committed, jh is lost in next mounting.
Fix it by checking 'jh->b_transaction' before remove it from checkpoint.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53526.json" }- References
-
- https://git.kernel.org/stable/c/2298f2589903a8bc03061b54b31fd97985ab6529
- https://git.kernel.org/stable/c/590a809ff743e7bd890ba5fb36bc38e20a36de53
- https://git.kernel.org/stable/c/dbafe636db415299e54d9dfefc1003bda9e71c9d
- https://git.kernel.org/stable/c/ef5fea70e5915afd64182d155e72bfb4f275e1fc
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53526.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53526
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb832174b7f89df3ebab02f5b485d00127a0e1a6eFixedef5fea70e5915afd64182d155e72bfb4f275e1fc
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede5c768d809a85e9efd0274b2efe69d4970cc0014Fixeddbafe636db415299e54d9dfefc1003bda9e71c9d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced46f881b5b1758dc4a35fba4a643c10717d0cf427Fixed2298f2589903a8bc03061b54b31fd97985ab6529Fixed590a809ff743e7bd890ba5fb36bc38e20a36de53
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected019b59aeb2af6b47d5c8e69c5dc1d731c8df0354