CVE-2023-54192 - Vulnerability Details

- f2fs: fix null pointer panic in tracepoint in __replace_atomic_write_block

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix null pointer panic in tracepoint in __replace_atomic_write_block

We got a kernel panic if old_addr is NULL.

https://bugzilla.kernel.org/show_bug.cgi?id=217266

BUG: kernel NULL pointer dereference, address: 0000000000000000
Call Trace:
<TASK>
f2fs_commit_atomic_write+0x619/0x990 [f2fs a1b985b80f5babd6f3ea778384908880812bfa43]
__f2fs_ioctl+0xd8e/0x4080 [f2fs a1b985b80f5babd6f3ea778384908880812bfa43]
? vfs_write+0x2ae/0x3f0
? vfs_write+0x2ae/0x3f0
__x64_sys_ioctl+0x91/0xd0
do_syscall_64+0x5c/0x90
entry_SYSCALL_64_after_hwframe+0x72/0xdc
RIP: 0033:0x7f69095fe53f

Published: 2025-12-30

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`9ad51915f4b368eef8f4cbd3a0b6367d4504c245`	affected	< 424f8cdc0ad29e4940be96dcc0b935ba497adeda
`f955d66b179679312310d42108c0df1cd0714313`	affected	< 1424358cd66c49460493293497b54cb72e0213cc
`2f3a9ae990a7881c9a57a073bb52ebe34fdc3160`	affected	< e2bbefc1741cb0732c13652be173da02f25611d1
`2f3a9ae990a7881c9a57a073bb52ebe34fdc3160`	affected	< da6ea0b050fa720302b56fbb59307e7c7531a342
`6.1.18`	affected	< 6.1.29
`6.2.5`	affected	< 6.2.16

Linux

affected

Version	Status	Constraints
`6.3`	affected	—
`0`	unaffected	< 6.3
`6.1.29`	unaffected	≤ 6.1.*
`6.2.16`	unaffected	≤ 6.2.*
`6.3.3`	unaffected	≤ 6.3.*
`6.4`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00034.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/1424358cd66c49460493293497b54cb72e0213cc
https://git.kernel.org/stable/c/424f8cdc0ad29e4940be96dcc0b935ba497adeda
https://git.kernel.org/stable/c/da6ea0b050fa720302b56fbb59307e7c7531a342
https://git.kernel.org/stable/c/e2bbefc1741cb0732c13652be173da02f25611d1
https://lore.kernel.org/linux-cve-announce/2025123027-CVE-2023-54192-f8f5@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54192
https://www.cve.org/CVERecord?id=CVE-2023-54192

History

Thu, 01 Jan 2026 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025123027-CVE-2023-54192-f8f5@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54192 https://www.cve.org/CVERecord?id=CVE-2023-54192

Tue, 30 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: f2fs: fix null pointer panic in tracepoint in __replace_atomic_write_block We got a kernel panic if old_addr is NULL. https://bugzilla.kernel.org/show_bug.cgi?id=217266 BUG: kernel NULL pointer dereference, address: 0000000000000000 Call Trace: <TASK> f2fs_commit_atomic_write+0x619/0x990 [f2fs a1b985b80f5babd6f3ea778384908880812bfa43] __f2fs_ioctl+0xd8e/0x4080 [f2fs a1b985b80f5babd6f3ea778384908880812bfa43] ? vfs_write+0x2ae/0x3f0 ? vfs_write+0x2ae/0x3f0 __x64_sys_ioctl+0x91/0xd0 do_syscall_64+0x5c/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc RIP: 0033:0x7f69095fe53f
Title		f2fs: fix null pointer panic in tracepoint in __replace_atomic_write_block
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1424358cd66c49460493293497b54cb72e0213cc https://git.kernel.org/stable/c/424f8cdc0ad29e4940be96dcc0b935ba497adeda https://git.kernel.org/stable/c/da6ea0b050fa720302b56fbb59307e7c7531a342 https://git.kernel.org/stable/c/e2bbefc1741cb0732c13652be173da02f25611d1

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:08:59.989Z

Updated: 2026-05-23T15:34:04.551Z

Reserved: 2025-12-30T12:06:44.498Z

Link: CVE-2023-54192

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-30T13:16:07.210

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-54192

Redhat

Severity :

Publid Date: 2025-12-30T00:00:00Z

Links: CVE-2023-54192 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object