CVE-2023-53295
Published: September 17, 2025Last modified: September 17, 2025
Description
In the Linux kernel, the following vulnerability has been resolved: udf: Do not update file length for failed writes to inline files When write to inline file fails (or happens only partly), we still updated length of inline data as if the whole write succeeded. Fix the update of length of inline data to happen only if the write succeeds.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Not affected (6.1.33-r0) |
| 25 LTS | linux-lts | Not affected (6.6.89-r0) | |
| Stream | linux-lts | Fixed (6.6.58-r0) |
References
- https://git.kernel.org/stable/c/256fe4162f8b5a1625b8603ca5f7ff79725bfb47
- https://git.kernel.org/stable/c/5621f7a8139053d0c3c47fb68ee9f602139eb40a
- https://git.kernel.org/stable/c/5a6c373d761f55635e175fa2f407544bae8f583b
- https://git.kernel.org/stable/c/6837910aeb2c9101fc036dcd1b1f32615c20ec1a
- https://git.kernel.org/stable/c/6d18cedc1ef0caeb1567cab660079e48844ff6d6
- https://git.kernel.org/stable/c/7bd8d9e1cf5607ee14407f4060b9a1dbb3c42802
- https://git.kernel.org/stable/c/c5787d77a5c29fffd295d138bd118b334990a567
- https://git.kernel.org/stable/c/eb2133900cac2d2f78befd6be41666cf1a2315d9