DEBIAN-CVE-2023-53481
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-53481
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53481.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53481
- Upstream
- Published
- 2025-10-01T12:15:50Z
- Modified
- 2025-10-02T09:17:02.517521Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: ubi: ubiwlputpeb: Fix infinite loop when wear-leveling work failed Following process will trigger an infinite loop in ubiwlputpeb(): ubifsbgt ubibgt ubifslebunmap ubilebunmap ubiebaunmapleb ubiwlputpeb wearlevelingworker e1 = rbentry(rbfirst(&ubi->used) e2 = getpebforwl(ubi) ubiioreadvidhdr // return err (flash fault) outerror: ubi->movefrom = ubi->moveto = NULL wlentrydestroy(ubi, e1) ubi->lookuptbl[e->pnum] = NULL retry: e = ubi->lookuptbl[pnum]; // return NULL if (e == ubi->movefrom) { // NULL == NULL gets true goto retry; // infinite loop !!! $ top PID USER PR NI VIRT RES SHR S %CPU %MEM COMMAND 7676 root 20 0 0 0 0 R 100.0 0.0 ubifsbgt00 Fix it by: 1) Letting ubiwlputpeb() returns directly if wearl leveling entry has been removed from 'ubi->lookuptbl'. 2) Using 'ubi->wllock' protecting wl entry deletion to preventing an use-after-free problem for wl entry in ubiwlputpeb(). Fetch a reproducer in [Link].
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.178-1
Affected versions
5.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source