{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54151", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T13:02:52.528Z", "datePublished": "2025-12-24T13:07:02.600Z", "dateUpdated": "2025-12-24T13:07:02.600Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T13:07:02.600Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: Fix system crash due to lack of free space in LFS\n\nWhen f2fs tries to checkpoint during foreground gc in LFS mode, system\ncrash occurs due to lack of free space if the amount of dirty node and\ndentry pages generated by data migration exceeds free space.\nThe reproduction sequence is as follows.\n\n - 20GiB capacity block device (null_blk)\n - format and mount with LFS mode\n - create a file and write 20,000MiB\n - 4k random write on full range of the file\n\n RIP: 0010:new_curseg+0x48a/0x510 [f2fs]\n Code: 55 e7 f5 89 c0 48 0f af c3 48 8b 5d c0 48 c1 e8 20 83 c0 01 89 43 6c 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc <0f> 0b f0 41 80 4f 48 04 45 85 f6 0f 84 ba fd ff ff e9 ef fe ff ff\n RSP: 0018:ffff977bc397b218 EFLAGS: 00010246\n RAX: 00000000000027b9 RBX: 0000000000000000 RCX: 00000000000027c0\n RDX: 0000000000000000 RSI: 00000000000027b9 RDI: ffff8c25ab4e74f8\n RBP: ffff977bc397b268 R08: 00000000000027b9 R09: ffff8c29e4a34b40\n R10: 0000000000000001 R11: ffff977bc397b0d8 R12: 0000000000000000\n R13: ffff8c25b4dd81a0 R14: 0000000000000000 R15: ffff8c2f667f9000\n FS: 0000000000000000(0000) GS:ffff8c344ec80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000c00055d000 CR3: 0000000e30810003 CR4: 00000000003706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n allocate_segment_by_default+0x9c/0x110 [f2fs]\n f2fs_allocate_data_block+0x243/0xa30 [f2fs]\n ? __mod_lruvec_page_state+0xa0/0x150\n do_write_page+0x80/0x160 [f2fs]\n f2fs_do_write_node_page+0x32/0x50 [f2fs]\n __write_node_page+0x339/0x730 [f2fs]\n f2fs_sync_node_pages+0x5a6/0x780 [f2fs]\n block_operations+0x257/0x340 [f2fs]\n f2fs_write_checkpoint+0x102/0x1050 [f2fs]\n f2fs_gc+0x27c/0x630 [f2fs]\n ? folio_mark_dirty+0x36/0x70\n f2fs_balance_fs+0x16f/0x180 [f2fs]\n\nThis patch adds checking whether free sections are enough before checkpoint\nduring gc.\n\n[Jaegeuk Kim: code clean-up]"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/gc.c", "fs/f2fs/gc.h", "fs/f2fs/segment.h"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f4631d295ae3fff9e240ab78dc17f4b83d14f7bc", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "ce71c61d661cfac3f097af928995abfcebd2b8c5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "d11cef14f8146f3babd286c2cc8ca09c166295e2", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/gc.c", "fs/f2fs/gc.h", "fs/f2fs/segment.h"], "versions": [{"version": "6.1.30", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.4", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f4631d295ae3fff9e240ab78dc17f4b83d14f7bc"}, {"url": "https://git.kernel.org/stable/c/ce71c61d661cfac3f097af928995abfcebd2b8c5"}, {"url": "https://git.kernel.org/stable/c/d11cef14f8146f3babd286c2cc8ca09c166295e2"}], "title": "f2fs: Fix system crash due to lack of free space in LFS", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: Fix system crash due to lack of free space in LFS\n\nWhen f2fs tries to checkpoint during foreground gc in LFS mode, system\ncrash occurs due to lack of free space if the amount of dirty node and\ndentry pages generated by data migration exceeds free space.\nThe reproduction sequence is as follows.\n\n - 20GiB capacity block device (null_blk)\n - format and mount with LFS mode\n - create a file and write 20,000MiB\n - 4k random write on full range of the file\n\n RIP: 0010:new_curseg+0x48a/0x510 [f2fs]\n Code: 55 e7 f5 89 c0 48 0f af c3 48 8b 5d c0 48 c1 e8 20 83 c0 01 89 43 6c 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc <0f> 0b f0 41 80 4f 48 04 45 85 f6 0f 84 ba fd ff ff e9 ef fe ff ff\n RSP: 0018:ffff977bc397b218 EFLAGS: 00010246\n RAX: 00000000000027b9 RBX: 0000000000000000 RCX: 00000000000027c0\n RDX: 0000000000000000 RSI: 00000000000027b9 RDI: ffff8c25ab4e74f8\n RBP: ffff977bc397b268 R08: 00000000000027b9 R09: ffff8c29e4a34b40\n R10: 0000000000000001 R11: ffff977bc397b0d8 R12: 0000000000000000\n R13: ffff8c25b4dd81a0 R14: 0000000000000000 R15: ffff8c2f667f9000\n FS: 0000000000000000(0000) GS:ffff8c344ec80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000c00055d000 CR3: 0000000e30810003 CR4: 00000000003706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n <TASK>\n allocate_segment_by_default+0x9c/0x110 [f2fs]\n f2fs_allocate_data_block+0x243/0xa30 [f2fs]\n ? __mod_lruvec_page_state+0xa0/0x150\n do_write_page+0x80/0x160 [f2fs]\n f2fs_do_write_node_page+0x32/0x50 [f2fs]\n __write_node_page+0x339/0x730 [f2fs]\n f2fs_sync_node_pages+0x5a6/0x780 [f2fs]\n block_operations+0x257/0x340 [f2fs]\n f2fs_write_checkpoint+0x102/0x1050 [f2fs]\n f2fs_gc+0x27c/0x630 [f2fs]\n ? folio_mark_dirty+0x36/0x70\n f2fs_balance_fs+0x16f/0x180 [f2fs]\n\nThis patch adds checking whether free sections are enough before checkpoint\nduring gc.\n\n[Jaegeuk Kim: code clean-up]"}], "id": "CVE-2023-54151", "lastModified": "2025-12-24T13:16:17.113", "metrics": {}, "published": "2025-12-24T13:16:17.113", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ce71c61d661cfac3f097af928995abfcebd2b8c5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d11cef14f8146f3babd286c2cc8ca09c166295e2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f4631d295ae3fff9e240ab78dc17f4b83d14f7bc"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: f2fs: Fix system crash due to lack of free space in LFS", "id": "2425189", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425189"}, "csaw": false, "details": ["No description is available for this CVE."], "name": "CVE-2023-54151", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-54151\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-54151\nhttps://lore.kernel.org/linux-cve-announce/2025122426-CVE-2023-54151-854b@gregkh/T"]}

{}