2400719 – (CVE-2023-53473) CVE-2023-53473 kernel: ext4: improve error handling from ext4_dirhash()

Bug 2400719 (CVE-2023-53473) - CVE-2023-53473 kernel: ext4: improve error handling from ext4_dirhash()

Summary: CVE-2023-53473 kernel: ext4: improve error handling from ext4_dirhash()

Keywords:
Status:	NEW
Alias:	CVE-2023-53473
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-10-01 12:03 UTC by OSIDB Bzimport
Modified:	2025-10-01 22:45 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-10-01 12:03:32 UTC

In the Linux kernel, the following vulnerability has been resolved:

ext4: improve error handling from ext4_dirhash()

The ext4_dirhash() will *almost* never fail, especially when the hash
tree feature was first introduced.  However, with the addition of
support of encrypted, casefolded file names, that function can most
certainly fail today.

So make sure the callers of ext4_dirhash() properly check for
failures, and reflect the errors back up to their callers.

Comment 1 Jon Moroney 2025-10-01 22:42:48 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025100110-CVE-2023-53473-bf5d@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.