Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: don't hold ni_lock when calling truncate_setsize() syzbot is reporting hung task at do_user_addr_fault() [1], for there is a silent deadlock between PG_locked bit and ni_lock lock. Since filemap_update_page() calls filemap_read_folio() after calling folio_trylock() which will set PG_locked bit, ntfs_truncate() must not call truncate_setsize() which will wait for PG_locked bit to be cleared when holding ni_lock lock.

INFO

Published Date :

2025-09-15T14:03:33.777Z

Last Modified :

2025-09-15T14:03:33.777Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53163 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53163.

URL Resource
https://git.kernel.org/stable/c/0226635c304cfd5c9db9b78c259cb713819b057e cve-icon cve-icon
https://git.kernel.org/stable/c/6bb6b1c6b0c31e36736b87a39dd1cbbd9d5ec22f cve-icon cve-icon
https://git.kernel.org/stable/c/73fee7e1e5ea11b51c51c46e0577a197ca3602cf cve-icon cve-icon
https://git.kernel.org/stable/c/8414983c2e649364d8af29080a0869266b31abb6 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025091553-CVE-2023-53163-860f@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53163 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53163 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact