{ "affected": [ { "ranges": [ { "events": [ { "introduced": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2" }, { "fixed": "5c87115520d2451f5689be7d9a463450d5b1bd96" }, { "fixed": "c53936d9fb35287ed81ec412a5b494729268a64d" }, { "fixed": "cd2341c26fb6cf45445de70cfd01022cb634746b" }, { "fixed": "5570ac70264021c3a9b0c55e0e6d7a90f25cebbc" }, { "fixed": "a44be64bbecb15a452496f60db6eacfee2b59c79" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] }, { "package": { "ecosystem": "Linux", "name": "Kernel" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "5.10.181" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "5.11.0" }, { "fixed": "5.15.113" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "5.16.0" }, { "fixed": "6.1.30" } ], "type": "ECOSYSTEM" }, { "events": [ { "introduced": "6.2.0" }, { "fixed": "6.3.4" } ], "type": "ECOSYSTEM" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53835.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled\n\nWhen a file system currently mounted read/only is remounted\nread/write, if we clear the SB_RDONLY flag too early, before the quota\nis initialized, and there is another process/thread constantly\nattempting to create a directory, it's possible to trigger the\n\n\tWARN_ON_ONCE(dquot_initialize_needed(inode));\n\nin ext4_xattr_block_set(), with the following stack trace:\n\n WARNING: CPU: 0 PID: 5338 at fs/ext4/xattr.c:2141 ext4_xattr_block_set+0x2ef2/0x3680\n RIP: 0010:ext4_xattr_block_set+0x2ef2/0x3680 fs/ext4/xattr.c:2141\n Call Trace:\n ext4_xattr_set_handle+0xcd4/0x15c0 fs/ext4/xattr.c:2458\n ext4_initxattrs+0xa3/0x110 fs/ext4/xattr_security.c:44\n security_inode_init_security+0x2df/0x3f0 security/security.c:1147\n __ext4_new_inode+0x347e/0x43d0 fs/ext4/ialloc.c:1324\n ext4_mkdir+0x425/0xce0 fs/ext4/namei.c:2992\n vfs_mkdir+0x29d/0x450 fs/namei.c:4038\n do_mkdirat+0x264/0x520 fs/namei.c:4061\n __do_sys_mkdirat fs/namei.c:4076 [inline]\n __se_sys_mkdirat fs/namei.c:4074 [inline]\n __x64_sys_mkdirat+0x89/0xa0 fs/namei.c:4074", "id": "CVE-2023-53835", "modified": "2025-12-09T02:34:23.033797600Z", "published": "2025-12-09T01:29:50.850Z", "references": [ { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/5570ac70264021c3a9b0c55e0e6d7a90f25cebbc" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/5c87115520d2451f5689be7d9a463450d5b1bd96" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/a44be64bbecb15a452496f60db6eacfee2b59c79" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/c53936d9fb35287ed81ec412a5b494729268a64d" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/cd2341c26fb6cf45445de70cfd01022cb634746b" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53835.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53835" } ], "schema_version": "1.7.3", "summary": "ext4: don't clear SB_RDONLY when remounting r/w until quota is re-enabled" }