2424989 – (CVE-2023-54021) CVE-2023-54021 kernel: ext4: set goal start correctly in ext4_mb_normalize_request

Bug 2424989 (CVE-2023-54021) - CVE-2023-54021 kernel: ext4: set goal start correctly in ext4_mb_normalize_request

Summary: CVE-2023-54021 kernel: ext4: set goal start correctly in ext4_mb_normalize_re...

Keywords:
Status:	NEW
Alias:	CVE-2023-54021
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-12-24 12:06 UTC by OSIDB Bzimport
Modified:	2025-12-25 10:42 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-12-24 12:06:16 UTC

In the Linux kernel, the following vulnerability has been resolved:

ext4: set goal start correctly in ext4_mb_normalize_request

We need to set ac_g_ex to notify the goal start used in
ext4_mb_find_by_goal. Set ac_g_ex instead of ac_f_ex in
ext4_mb_normalize_request.
Besides we should assure goal start is in range [first_data_block,
blocks_count) as ext4_mb_initialize_context does.

[ Added a check to make sure size is less than ar->pright; otherwise
  we could end up passing an underflowed value of ar->pright - size to
  ext4_get_group_no_and_offset(), which will trigger a BUG_ON later on.
  - TYT ]

Comment 1 Alexander B 2025-12-25 10:38:43 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025122433-CVE-2023-54021-15bf@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.