CVE-2023-53081

ocfs2: fix data corruption after failed write

Description

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2_write_end_nolock() just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page writeback tries to write this page before write succeeds and expands i_size, page gets into inconsistent state where page dirty bit is clear but buffer dirty bits stay set resulting in page data never getting written and so data copied to the page is lost. Fix the problem by invalidating page beyond EOF after failed write.

N/A
CVSS
Severity:
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/1629f6f522b2d058019710466a84b240683bbee3
https://git.kernel.org/stable/c/c26f3ff4c0be590c1250f945ac2e4fc5fcdc5f45
https://git.kernel.org/stable/c/4c24eb49ab44351424ac8fe8567f91ea48a06089
https://git.kernel.org/stable/c/91d7a4bd5656552d6259e2d0f8859f9e8cc5ef68
https://git.kernel.org/stable/c/a9e53869cb43c96d6d851c491fd4e26430ab6ba6
https://git.kernel.org/stable/c/47eb055ad3588fc96d34e9e1dd87b210ce62906b
https://git.kernel.org/stable/c/205759c6c18f54659b0b5976b14a52d1b3eb9f57
https://git.kernel.org/stable/c/90410bcf873cf05f54a32183afff0161f44f9715

Frequently Asked Questions

What is the severity of CVE-2023-53081?
CVE-2023-53081 has not yet been assigned a CVSS score.
How to fix CVE-2023-53081?
To fix CVE-2023-53081, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-53081 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-53081 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-53081?
CVE-2023-53081 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.