{
  "affected": [
    {
      "ranges": [
        {
          "events": [
            {
              "introduced": "a4b6817625e71d5d4aee16cacf7a7fec077c6dbe"
            },
            {
              "fixed": "aa4d726af72a21732ce120484e0b1240674a13b3"
            },
            {
              "fixed": "22ddbbff116ee7dce5431feb1c0f36a507d2d68d"
            },
            {
              "fixed": "20b4f3de0f3932f71b4a8daf0671e517a8d98022"
            },
            {
              "fixed": "0dbbf0fb38d5ec5d4138d1aeaeb43d9217b9a592"
            }
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "type": "GIT"
        }
      ]
    }
  ],
  "database_specific": {
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53214.json"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid potential memory corruption in __update_iostat_latency()\n\nAdd iotype sanity check to avoid potential memory corruption.\nThis is to fix the compile error below:\n\nfs/f2fs/iostat.c:231 __update_iostat_latency() error: buffer overflow\n'io_lat-\u003epeak_lat[type]' 3 \u003c= 3\n\nvim +228 fs/f2fs/iostat.c\n\n  211  static inline void __update_iostat_latency(struct bio_iostat_ctx\n\t*iostat_ctx,\n  212\t\t\t\t\tenum iostat_lat_type type)\n  213  {\n  214\t\tunsigned long ts_diff;\n  215\t\tunsigned int page_type = iostat_ctx-\u003etype;\n  216\t\tstruct f2fs_sb_info *sbi = iostat_ctx-\u003esbi;\n  217\t\tstruct iostat_lat_info *io_lat = sbi-\u003eiostat_io_lat;\n  218\t\tunsigned long flags;\n  219\n  220\t\tif (!sbi-\u003eiostat_enable)\n  221\t\t\treturn;\n  222\n  223\t\tts_diff = jiffies - iostat_ctx-\u003esubmit_ts;\n  224\t\tif (page_type \u003e= META_FLUSH)\n                                 ^^^^^^^^^^\n\n  225\t\t\tpage_type = META;\n  226\n  227\t\tspin_lock_irqsave(\u0026sbi-\u003eiostat_lat_lock, flags);\n @228\t\tio_lat-\u003esum_lat[type][page_type] += ts_diff;\n                                      ^^^^^^^^^\nMixup between META_FLUSH and NR_PAGE_TYPE leads to memory corruption.",
  "id": "CVE-2023-53214",
  "modified": "2026-04-01T23:09:36.825855828Z",
  "published": "2025-09-15T14:21:42.331Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0dbbf0fb38d5ec5d4138d1aeaeb43d9217b9a592"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/20b4f3de0f3932f71b4a8daf0671e517a8d98022"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/22ddbbff116ee7dce5431feb1c0f36a507d2d68d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/aa4d726af72a21732ce120484e0b1240674a13b3"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53214.json"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53214"
    },
    {
      "type": "PACKAGE",
      "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"
    }
  ],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "f2fs: fix to avoid potential memory corruption in __update_iostat_latency()"
}