CVE-2023-52705

5.5 MEDIUM

📋 TL;DR

A vulnerability in the Linux kernel's nilfs2 filesystem allows underflow in superblock position calculations when using devices smaller than 4096 bytes. This can cause out-of-bounds memory access during mounting or filesystem resizing operations, potentially leading to denial of service or system hangs. Systems using nilfs2 filesystem on small block devices are affected.
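The underflow described above, worked through as an added example (not code from the kernel or from this advisory). It assumes the secondary superblock offset is computed as the start of the last whole 4096-byte block, `((devsize >> 12) - 1) << 12`, in unsigned 64-bit arithmetic; the function names are hypothetical.

```python
# Added illustration: models the arithmetic only; names are hypothetical.
U64_MASK = (1 << 64) - 1   # kernel device sizes and offsets are unsigned 64-bit
ALIGN_SHIFT = 12           # 1 << 12 == 4096, the threshold the advisory gives


def sb2_offset_unchecked(devsize: int) -> int:
    """Offset of the last whole 4096-byte block, with u64 wraparound.

    Assumption: the secondary superblock is placed at
    ((devsize >> 12) - 1) << 12, evaluated in unsigned 64-bit arithmetic.
    """
    blocks = devsize >> ALIGN_SHIFT        # 0 when devsize < 4096
    last = (blocks - 1) & U64_MASK         # 0 - 1 wraps to 2**64 - 1
    return (last << ALIGN_SHIFT) & U64_MASK


def sb2_offset_checked(devsize: int) -> int:
    """Same calculation, but reject devices too small to hold the block."""
    if devsize < (1 << ALIGN_SHIFT):
        raise ValueError(f"device too small for nilfs2: {devsize} bytes")
    return sb2_offset_unchecked(devsize)


def is_within_device(offset: int, devsize: int) -> bool:
    """True when the computed offset lies inside the device."""
    return offset < devsize


if __name__ == "__main__":
    for size in (1 << 20, 4096, 2048):     # constructed device sizes
        off = sb2_offset_unchecked(size)
        ok = is_within_device(off, size)
        print(f"devsize={size:>8} offset={off:#x} in_bounds={ok}")
    try:
        sb2_offset_checked(2048)
    except ValueError as exc:              # the graceful failure path
        print("checked variant:", exc)
```

For a 2048-byte device the unchecked offset wraps to just below 2^64, far outside the device, which is the out-of-bounds position the advisory refers to.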

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions with nilfs2 support before fixes were applied (specific versions in stable patches)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems using nilfs2 filesystem on block devices smaller than 4096 bytes or during resize operations to sizes below 4096 bytes.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

System becomes unresponsive due to semaphore deadlock, requiring hard reboot and potentially causing filesystem corruption.

🟠 Likely Case

Mount failure or resize operation hangs, causing denial of service for affected filesystem operations.

🟢 If Mitigated

Filesystem operations fail gracefully with error messages instead of hanging.

🌐 Internet-Facing: LOW - Requires local filesystem access and specific nilfs2 operations.
🏢 Internal Only: MEDIUM - Can affect systems where nilfs2 is used on small block devices or during resize operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and ability to mount nilfs2 filesystems or perform resize operations on small block devices.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel patches (see references for specific commits)

Vendor Advisory: https://git.kernel.org/stable/c/0ee5ed0126a2211f7174492da2ca2c29f43755c5

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fixes.
2. Check the kernel changelog for nilfs2 fixes.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Avoid small nilfs2 devices

linux

Do not use nilfs2 filesystem on block devices smaller than 4096 bytes

Disable nilfs2 module

linux

Prevent nilfs2 module from loading if not needed

echo 'blacklist nilfs2' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Avoid using nilfs2 filesystem on any block devices
  • Ensure all nilfs2 filesystems are on devices larger than 4096 bytes and avoid resize operations

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether nilfs2 is in use on block devices smaller than 4096 bytes

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes nilfs2 fixes from referenced commits

📡 Detection & Monitoring

Log Indicators:

  • I/O error messages mentioning nilfs2 and secondary superblock
  • Kernel hung task warnings with nilfs2 segctord thread
  • Resize operation failures on nilfs2 filesystems

SIEM Query:

kernel: "NILFS.*unable to read secondary superblock" OR kernel: "task segctord.*blocked"
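The two patterns from the SIEM query, applied to log lines as an added example (not part of the original advisory). The log lines are constructed for illustration, and the function and indicator names are hypothetical.

```python
import re

# Patterns taken from the SIEM query above, scoped to kernel messages.
INDICATORS = {
    "secondary_superblock": re.compile(
        r"kernel:.*NILFS.*unable to read secondary superblock"),
    "segctord_hung": re.compile(r"kernel:.*task segctord.*blocked"),
}

# Constructed sample log lines (not captured from a real system).
SAMPLE_LOG = """\
Feb 14 10:01:02 host kernel: NILFS (loop0): unable to read secondary superblock (blocksize = 1024)
Feb 14 10:03:10 host kernel: INFO: task segctord:4231 blocked for more than 120 seconds.
Feb 14 10:03:11 host kernel: EXT4-fs (sda1): mounted filesystem
Feb 14 10:04:00 host sshd[99]: task segctord blocked
"""


def scan(lines):
    """Return (indicator, line_number) for every kernel line that matches."""
    hits = []
    for lineno, line in enumerate(lines, start=1):
        for name, pattern in INDICATORS.items():
            if pattern.search(line):
                hits.append((name, lineno))
    return hits


def summarize(hits):
    """Count hits per indicator, including indicators that never fired."""
    counts = {name: 0 for name in INDICATORS}
    for name, _ in hits:
        counts[name] += 1
    return counts


if __name__ == "__main__":
    found = scan(SAMPLE_LOG.splitlines())
    for name, lineno in found:
        print(f"line {lineno}: {name}")
    print(summarize(found))
```

The fourth sample line contains the hung-task text but does not come from the kernel facility, so it is not reported.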

🔗 References