Instituto Nacional de Ciberseguridad. INCIBE-CERT section

CVE-2023-53820

Severity:
Pending analysis
Type:
Not available / Other type
Publication date:
09/12/2025
Last modified:
23/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

loop: loop_set_status_from_info() check before assignment

In loop_set_status_from_info(), lo->lo_offset and lo->lo_sizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed to the wrong value, and it will not be changed back.

More, the original patch did not solve the problem, the value was set and ioctl returned an error, but the subsequent io used the value in the loop driver, which still caused an alarm:

loop_handle_cmd
do_req_filebacked
loff_t pos = ((loff_t) blk_rq_pos(rq) iocb.ki_pos = pos
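The check-before-assignment point in the description above, shown as an added user-space C model that is not the kernel's code or the actual patch. All struct and function names are hypothetical, and the model assumes the requested values arrive as unsigned 64-bit integers while the stored values are signed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model only. All names are hypothetical, not kernel identifiers. */
struct dev_state  { int64_t  offset, sizelimit; };  /* stored values (signed)  */
struct status_req { uint64_t offset, sizelimit; };  /* caller input (unsigned) */

/* Assign, then check: the call fails, but the old values are already gone. */
static int set_status_assign_first(struct dev_state *st,
                                   const struct status_req *req)
{
    /* Out-of-range conversion wraps to a negative value on common compilers. */
    st->offset    = (int64_t)req->offset;
    st->sizelimit = (int64_t)req->sizelimit;
    if (st->offset < 0 || st->sizelimit < 0)
        return -EOVERFLOW;
    return 0;
}

/* Check, then assign: a rejected request leaves the state untouched. */
static int set_status_check_first(struct dev_state *st,
                                  const struct status_req *req)
{
    if (req->offset > (uint64_t)INT64_MAX ||
        req->sizelimit > (uint64_t)INT64_MAX)
        return -EOVERFLOW;
    st->offset    = (int64_t)req->offset;
    st->sizelimit = (int64_t)req->sizelimit;
    return 0;
}

int main(void)
{
    const struct status_req bad = { UINT64_MAX, 0 };   /* constructed input */
    struct dev_state a = { 4096, 1048576 }, b = a;

    int ra = set_status_assign_first(&a, &bad);
    int rb = set_status_check_first(&b, &bad);
    printf("assign-first: ret=%d offset=%lld sizelimit=%lld\n",
           ra, (long long)a.offset, (long long)a.sizelimit);
    printf("check-first:  ret=%d offset=%lld sizelimit=%lld\n",
           rb, (long long)b.offset, (long long)b.sizelimit);
    return 0;
}
```

Both variants return the same error code, so a caller cannot tell them apart from the return value alone; only the state left behind differs.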

Impact