U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2023-53337 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, mark_buffer_dirty() called from nilfs_segctor_do_construct() outputs a warning with some patterns after nilfs2 detects metadata corruption and degrades to read-only mode. After such read-only degeneration, page cache data may be cleared through nilfs_clear_dirty_page() which may also clear the uptodate flag for their buffer heads. However, even after the degeneration, log writes are still performed by unmount processing etc., which causes mark_buffer_dirty() to be called for buffer heads without the "uptodate" flag and causes the warning. Since any writes should not be done to a read-only file system in the first place, this fixes the warning in mark_buffer_dirty() by letting nilfs_segctor_do_construct() abort early if in read-only mode. This also changes the retry check of nilfs_segctor_write_out() to avoid unnecessary log write retries if it detects -EROFS that nilfs_segctor_do_construct() returned.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
https://git.kernel.org/stable/c/13f73ef77baa4764dc1ca4fcbae9cade05b83866 kernel.org Patch 
https://git.kernel.org/stable/c/28a65b49eb53e172d23567005465019658bfdb4d kernel.org Patch 
https://git.kernel.org/stable/c/4005cec6847c06ee191583270b7cdd7e696543cc kernel.org Patch 
https://git.kernel.org/stable/c/4569a292a84e340e97d178898ad1cfe1a3080a61 kernel.org Patch 
https://git.kernel.org/stable/c/55f7810632f993cff622a0ddbc7c865892294b61 kernel.org Patch 
https://git.kernel.org/stable/c/7c3e662048053802f6b0db3a78e97f4e1f7edc4f kernel.org Patch 
https://git.kernel.org/stable/c/a73201c607d8e506358d60aafddda4246bdd9350 kernel.org Patch 
https://git.kernel.org/stable/c/bd89073fc7a5d03b1d06b372addbe405e5a925f4 kernel.org Patch 
https://git.kernel.org/stable/c/e9c5412c5972124776c1b873533eb39e287a4dfa kernel.org Patch 

Weakness Enumeration

CWE-ID CWE Name Source
NVD-CWE-noinfo Insufficient Information cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2023-53337
NVD Published Date:
09/17/2025
NVD Last Modified:
12/11/2025
Source:
kernel.org