CVE-2023-53129

ext4: Fix deadlock during directory rename

Severity Score

5.5

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MITRE
TN

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As lockdep properly warns, we should not be locking i_rwsem while having
transactions started as the proper lock ordering used by all directory
handling operations is i_rwsem -> transaction start. Fix the lock
ordering by moving the locking of the directory earlier in
ext4_rename().

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As lockdep properly warns, we should not be locking i_rwsem while having transactions started as the proper lock ordering used by all directory handling operations is i_rwsem -> transaction start. Fix the lock ordering by moving the locking of the directory earlier in ext4_rename().

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-05-02 CVE Reserved
2025-05-02 CVE Published
2025-05-02 CVE Updated
---------- EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/3c92792da8506a295afb6d032b4476e46f979725	2023-03-08
https://git.kernel.org/stable/c/6b06c4ae64e3557a19b3bb0b6dbf641bc41fc218	2023-03-17
https://git.kernel.org/stable/c/b113f90204479f55a17295bedf0cc966a60c7a56	2023-03-17
https://git.kernel.org/stable/c/a2bc806e95bde8de3a0d675051d9ae78dcf6c691	2023-03-17
https://git.kernel.org/stable/c/2ef7f829214fa8f428d953b49557b89b2b02db66	2023-03-17
https://git.kernel.org/stable/c/352c728653a1179ce7bb37a4c8aa8404d83914a2	2023-03-17

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< mainline Search vendor "Linux" for product "Linux Kernel" and version " < mainline"		en		Affected