{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-53306", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-16T08:09:37.994Z", "datePublished": "2025-09-16T16:11:45.592Z", "dateUpdated": "2026-05-11T19:42:23.736Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T19:42:23.736Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsdax: force clear dirty mark if CoW\n\nXFS allows CoW on non-shared extents to combat fragmentation[1]. The old\nnon-shared extent could be mwrited before, its dax entry is marked dirty. \n\nThis results in a WARNing:\n\n[ 28.512349] ------------[ cut here ]------------\n[ 28.512622] WARNING: CPU: 2 PID: 5255 at fs/dax.c:390 dax_insert_entry+0x342/0x390\n[ 28.513050] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace fscache netfs nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables\n[ 28.515462] CPU: 2 PID: 5255 Comm: fsstress Kdump: loaded Not tainted 6.3.0-rc1-00001-g85e1481e19c1-dirty #117\n[ 28.515902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Arch Linux 1.16.1-1-1 04/01/2014\n[ 28.516307] RIP: 0010:dax_insert_entry+0x342/0x390\n[ 28.516536] Code: 30 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 48 8b 45 20 48 83 c0 01 e9 e2 fe ff ff 48 8b 45 20 48 83 c0 01 e9 cd fe ff ff <0f> 0b e9 53 ff ff ff 48 8b 7c 24 08 31 f6 e8 1b 61 a1 00 eb 8c 48\n[ 28.517417] RSP: 0000:ffffc9000845fb18 EFLAGS: 00010086\n[ 28.517721] RAX: 0000000000000053 RBX: 0000000000000155 RCX: 000000000018824b\n[ 28.518113] RDX: 0000000000000000 RSI: ffffffff827525a6 RDI: 00000000ffffffff\n[ 28.518515] RBP: ffffea00062092c0 R08: 0000000000000000 R09: ffffc9000845f9c8\n[ 28.518905] R10: 0000000000000003 R11: ffffffff82ddb7e8 R12: 0000000000000155\n[ 28.519301] R13: 0000000000000000 R14: 000000000018824b R15: ffff88810cfa76b8\n[ 28.519703] FS: 00007f14a0c94740(0000) GS:ffff88817bd00000(0000) knlGS:0000000000000000\n[ 28.520148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 28.520472] CR2: 00007f14a0c8d000 CR3: 000000010321c004 CR4: 0000000000770ee0\n[ 28.520863] PKRU: 55555554\n[ 28.521043] Call Trace:\n[ 28.521219] <TASK>\n[ 28.521368] dax_fault_iter+0x196/0x390\n[ 28.521595] dax_iomap_pte_fault+0x19b/0x3d0\n[ 28.521852] __xfs_filemap_fault+0x234/0x2b0\n[ 28.522116] __do_fault+0x30/0x130\n[ 28.522334] do_fault+0x193/0x340\n[ 28.522586] __handle_mm_fault+0x2d3/0x690\n[ 28.522975] handle_mm_fault+0xe6/0x2c0\n[ 28.523259] do_user_addr_fault+0x1bc/0x6f0\n[ 28.523521] exc_page_fault+0x60/0x140\n[ 28.523763] asm_exc_page_fault+0x22/0x30\n[ 28.524001] RIP: 0033:0x7f14a0b589ca\n[ 28.524225] Code: c5 fe 7f 07 c5 fe 7f 47 20 c5 fe 7f 47 40 c5 fe 7f 47 60 c5 f8 77 c3 66 0f 1f 84 00 00 00 00 00 40 0f b6 c6 48 89 d1 48 89 fa <f3> aa 48 89 d0 c5 f8 77 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90\n[ 28.525198] RSP: 002b:00007fff1dea1c98 EFLAGS: 00010202\n[ 28.525505] RAX: 000000000000001e RBX: 000000000014a000 RCX: 0000000000006046\n[ 28.525895] RDX: 00007f14a0c82000 RSI: 000000000000001e RDI: 00007f14a0c8d000\n[ 28.526290] RBP: 000000000000006f R08: 0000000000000004 R09: 000000000014a000\n[ 28.526681] R10: 0000000000000008 R11: 0000000000000246 R12: 028f5c28f5c28f5c\n[ 28.527067] R13: 8f5c28f5c28f5c29 R14: 0000000000011046 R15: 00007f14a0c946c0\n[ 28.527449] </TASK>\n[ 28.527600] ---[ end trace 0000000000000000 ]---\n\n\nTo be able to delete this entry, clear its dirty mark before\ninvalidate_inode_pages2_range().\n\n[1] https://lore.kernel.org/linux-xfs/20230321151339.GA11376@frogsfrogsfrogs/"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/dax.c"], "versions": [{"version": "f80e1668888f34c0764822e74953c997daf2ccdb", "lessThan": "fac05f800abb63dc4d7cc48fe7edf16e0520dc1f", "status": "affected", "versionType": "git"}, {"version": "f80e1668888f34c0764822e74953c997daf2ccdb", "lessThan": "f76b3a32879de215ced3f8c754c4077b0c2f79e3", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/dax.c"], "versions": [{"version": "6.2", "status": "affected"}, {"version": "0", "lessThan": "6.2", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.11", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.2.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/fac05f800abb63dc4d7cc48fe7edf16e0520dc1f"}, {"url": "https://git.kernel.org/stable/c/f76b3a32879de215ced3f8c754c4077b0c2f79e3"}], "title": "fsdax: force clear dirty mark if CoW", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-53306", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-14T18:23:22.602517Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-14T18:32:56.347Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-53306", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-14T18:23:22.602517Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-14T18:23:18.780Z"}}], "cna": {"title": "fsdax: force clear dirty mark if CoW", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "f80e1668888f34c0764822e74953c997daf2ccdb", "lessThan": "fac05f800abb63dc4d7cc48fe7edf16e0520dc1f", "versionType": "git"}, {"status": "affected", "version": "f80e1668888f34c0764822e74953c997daf2ccdb", "lessThan": "f76b3a32879de215ced3f8c754c4077b0c2f79e3", "versionType": "git"}], "programFiles": ["fs/dax.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "6.2"}, {"status": "unaffected", "version": "0", "lessThan": "6.2", "versionType": "semver"}, {"status": "unaffected", "version": "6.2.11", "versionType": "semver", "lessThanOrEqual": "6.2.*"}, {"status": "unaffected", "version": "6.3", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/dax.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/fac05f800abb63dc4d7cc48fe7edf16e0520dc1f"}, {"url": "https://git.kernel.org/stable/c/f76b3a32879de215ced3f8c754c4077b0c2f79e3"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsdax: force clear dirty mark if CoW\n\nXFS allows CoW on non-shared extents to combat fragmentation[1]. The old\nnon-shared extent could be mwrited before, its dax entry is marked dirty. \n\nThis results in a WARNing:\n\n[ 28.512349] ------------[ cut here ]------------\n[ 28.512622] WARNING: CPU: 2 PID: 5255 at fs/dax.c:390 dax_insert_entry+0x342/0x390\n[ 28.513050] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace fscache netfs nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables\n[ 28.515462] CPU: 2 PID: 5255 Comm: fsstress Kdump: loaded Not tainted 6.3.0-rc1-00001-g85e1481e19c1-dirty #117\n[ 28.515902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Arch Linux 1.16.1-1-1 04/01/2014\n[ 28.516307] RIP: 0010:dax_insert_entry+0x342/0x390\n[ 28.516536] Code: 30 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 48 8b 45 20 48 83 c0 01 e9 e2 fe ff ff 48 8b 45 20 48 83 c0 01 e9 cd fe ff ff <0f> 0b e9 53 ff ff ff 48 8b 7c 24 08 31 f6 e8 1b 61 a1 00 eb 8c 48\n[ 28.517417] RSP: 0000:ffffc9000845fb18 EFLAGS: 00010086\n[ 28.517721] RAX: 0000000000000053 RBX: 0000000000000155 RCX: 000000000018824b\n[ 28.518113] RDX: 0000000000000000 RSI: ffffffff827525a6 RDI: 00000000ffffffff\n[ 28.518515] RBP: ffffea00062092c0 R08: 0000000000000000 R09: ffffc9000845f9c8\n[ 28.518905] R10: 0000000000000003 R11: ffffffff82ddb7e8 R12: 0000000000000155\n[ 28.519301] R13: 0000000000000000 R14: 000000000018824b R15: ffff88810cfa76b8\n[ 28.519703] FS: 00007f14a0c94740(0000) GS:ffff88817bd00000(0000) knlGS:0000000000000000\n[ 28.520148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 28.520472] CR2: 00007f14a0c8d000 CR3: 000000010321c004 CR4: 0000000000770ee0\n[ 28.520863] PKRU: 55555554\n[ 28.521043] Call Trace:\n[ 28.521219] <TASK>\n[ 28.521368] dax_fault_iter+0x196/0x390\n[ 28.521595] dax_iomap_pte_fault+0x19b/0x3d0\n[ 28.521852] __xfs_filemap_fault+0x234/0x2b0\n[ 28.522116] __do_fault+0x30/0x130\n[ 28.522334] do_fault+0x193/0x340\n[ 28.522586] __handle_mm_fault+0x2d3/0x690\n[ 28.522975] handle_mm_fault+0xe6/0x2c0\n[ 28.523259] do_user_addr_fault+0x1bc/0x6f0\n[ 28.523521] exc_page_fault+0x60/0x140\n[ 28.523763] asm_exc_page_fault+0x22/0x30\n[ 28.524001] RIP: 0033:0x7f14a0b589ca\n[ 28.524225] Code: c5 fe 7f 07 c5 fe 7f 47 20 c5 fe 7f 47 40 c5 fe 7f 47 60 c5 f8 77 c3 66 0f 1f 84 00 00 00 00 00 40 0f b6 c6 48 89 d1 48 89 fa <f3> aa 48 89 d0 c5 f8 77 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90\n[ 28.525198] RSP: 002b:00007fff1dea1c98 EFLAGS: 00010202\n[ 28.525505] RAX: 000000000000001e RBX: 000000000014a000 RCX: 0000000000006046\n[ 28.525895] RDX: 00007f14a0c82000 RSI: 000000000000001e RDI: 00007f14a0c8d000\n[ 28.526290] RBP: 000000000000006f R08: 0000000000000004 R09: 000000000014a000\n[ 28.526681] R10: 0000000000000008 R11: 0000000000000246 R12: 028f5c28f5c28f5c\n[ 28.527067] R13: 8f5c28f5c28f5c29 R14: 0000000000011046 R15: 00007f14a0c946c0\n[ 28.527449] </TASK>\n[ 28.527600] ---[ end trace 0000000000000000 ]---\n\n\nTo be able to delete this entry, clear its dirty mark before\ninvalidate_inode_pages2_range().\n\n[1] https://lore.kernel.org/linux-xfs/20230321151339.GA11376@frogsfrogsfrogs/"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.2.11", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.3", "versionStartIncluding": "6.2"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-16T16:11:45.592Z"}}}, "cveMetadata": {"cveId": "CVE-2023-53306", "state": "PUBLISHED", "dateUpdated": "2026-01-14T18:32:56.347Z", "dateReserved": "2025-09-16T08:09:37.994Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2025-09-16T16:11:45.592Z", "assignerShortName": "Linux"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "93C03C9A-798F-4CD5-912F-A436BFA0CC7E", "versionEndExcluding": "6.2.11", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*", "matchCriteriaId": "3583026A-27EC-4A4C-850A-83F2AF970673", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*", "matchCriteriaId": "DC271202-7570-4505-89A4-D602D47BFD00", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*", "matchCriteriaId": "D413BB6D-4F74-4C7D-9163-47786619EF53", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfsdax: force clear dirty mark if CoW\n\nXFS allows CoW on non-shared extents to combat fragmentation[1]. The old\nnon-shared extent could be mwrited before, its dax entry is marked dirty. \n\nThis results in a WARNing:\n\n[ 28.512349] ------------[ cut here ]------------\n[ 28.512622] WARNING: CPU: 2 PID: 5255 at fs/dax.c:390 dax_insert_entry+0x342/0x390\n[ 28.513050] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace fscache netfs nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables\n[ 28.515462] CPU: 2 PID: 5255 Comm: fsstress Kdump: loaded Not tainted 6.3.0-rc1-00001-g85e1481e19c1-dirty #117\n[ 28.515902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Arch Linux 1.16.1-1-1 04/01/2014\n[ 28.516307] RIP: 0010:dax_insert_entry+0x342/0x390\n[ 28.516536] Code: 30 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 48 8b 45 20 48 83 c0 01 e9 e2 fe ff ff 48 8b 45 20 48 83 c0 01 e9 cd fe ff ff <0f> 0b e9 53 ff ff ff 48 8b 7c 24 08 31 f6 e8 1b 61 a1 00 eb 8c 48\n[ 28.517417] RSP: 0000:ffffc9000845fb18 EFLAGS: 00010086\n[ 28.517721] RAX: 0000000000000053 RBX: 0000000000000155 RCX: 000000000018824b\n[ 28.518113] RDX: 0000000000000000 RSI: ffffffff827525a6 RDI: 00000000ffffffff\n[ 28.518515] RBP: ffffea00062092c0 R08: 0000000000000000 R09: ffffc9000845f9c8\n[ 28.518905] R10: 0000000000000003 R11: ffffffff82ddb7e8 R12: 0000000000000155\n[ 28.519301] R13: 0000000000000000 R14: 000000000018824b R15: ffff88810cfa76b8\n[ 28.519703] FS: 00007f14a0c94740(0000) GS:ffff88817bd00000(0000) knlGS:0000000000000000\n[ 28.520148] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 28.520472] CR2: 00007f14a0c8d000 CR3: 000000010321c004 CR4: 0000000000770ee0\n[ 28.520863] PKRU: 55555554\n[ 28.521043] Call Trace:\n[ 28.521219] <TASK>\n[ 28.521368] dax_fault_iter+0x196/0x390\n[ 28.521595] dax_iomap_pte_fault+0x19b/0x3d0\n[ 28.521852] __xfs_filemap_fault+0x234/0x2b0\n[ 28.522116] __do_fault+0x30/0x130\n[ 28.522334] do_fault+0x193/0x340\n[ 28.522586] __handle_mm_fault+0x2d3/0x690\n[ 28.522975] handle_mm_fault+0xe6/0x2c0\n[ 28.523259] do_user_addr_fault+0x1bc/0x6f0\n[ 28.523521] exc_page_fault+0x60/0x140\n[ 28.523763] asm_exc_page_fault+0x22/0x30\n[ 28.524001] RIP: 0033:0x7f14a0b589ca\n[ 28.524225] Code: c5 fe 7f 07 c5 fe 7f 47 20 c5 fe 7f 47 40 c5 fe 7f 47 60 c5 f8 77 c3 66 0f 1f 84 00 00 00 00 00 40 0f b6 c6 48 89 d1 48 89 fa <f3> aa 48 89 d0 c5 f8 77 c3 66 66 2e 0f 1f 84 00 00 00 00 00 66 90\n[ 28.525198] RSP: 002b:00007fff1dea1c98 EFLAGS: 00010202\n[ 28.525505] RAX: 000000000000001e RBX: 000000000014a000 RCX: 0000000000006046\n[ 28.525895] RDX: 00007f14a0c82000 RSI: 000000000000001e RDI: 00007f14a0c8d000\n[ 28.526290] RBP: 000000000000006f R08: 0000000000000004 R09: 000000000014a000\n[ 28.526681] R10: 0000000000000008 R11: 0000000000000246 R12: 028f5c28f5c28f5c\n[ 28.527067] R13: 8f5c28f5c28f5c29 R14: 0000000000011046 R15: 00007f14a0c946c0\n[ 28.527449] </TASK>\n[ 28.527600] ---[ end trace 0000000000000000 ]---\n\n\nTo be able to delete this entry, clear its dirty mark before\ninvalidate_inode_pages2_range().\n\n[1] https://lore.kernel.org/linux-xfs/20230321151339.GA11376@frogsfrogsfrogs/"}], "id": "CVE-2023-53306", "lastModified": "2026-01-14T19:16:23.430", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-09-16T17:15:36.370", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f76b3a32879de215ced3f8c754c4077b0c2f79e3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fac05f800abb63dc4d7cc48fe7edf16e0520dc1f"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: fsdax: force clear dirty mark if CoW", "id": "2395854", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395854"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2023-53306", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53306\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53306\nhttps://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53306-b665@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-09-17T10:04:32.164924+00:00", "updated": "2025-09-17T10:04:32.164955+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}