{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53339","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-09-16T16:08:59.565Z","datePublished":"2025-09-17T14:56:33.114Z","dateUpdated":"2026-05-11T19:43:02.231Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:43:02.231Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix BUG_ON condition in btrfs_cancel_balance\n\nPausing and canceling balance can race to interrupt balance lead to BUG_ON\npanic in btrfs_cancel_balance. The BUG_ON condition in btrfs_cancel_balance\ndoes not take this race scenario into account.\n\nHowever, the race condition has no other side effects. We can fix that.\n\nReproducing it with panic trace like this:\n\n  kernel BUG at fs/btrfs/volumes.c:4618!\n  RIP: 0010:btrfs_cancel_balance+0x5cf/0x6a0\n  Call Trace:\n   <TASK>\n   ? do_nanosleep+0x60/0x120\n   ? hrtimer_nanosleep+0xb7/0x1a0\n   ? sched_core_clone_cookie+0x70/0x70\n   btrfs_ioctl_balance_ctl+0x55/0x70\n   btrfs_ioctl+0xa46/0xd20\n   __x64_sys_ioctl+0x7d/0xa0\n   do_syscall_64+0x38/0x80\n   entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\n  Race scenario as follows:\n  > mutex_unlock(&fs_info->balance_mutex);\n  > --------------------\n  > .......issue pause and cancel req in another thread\n  > --------------------\n  > ret = __btrfs_balance(fs_info);\n  >\n  > mutex_lock(&fs_info->balance_mutex);\n  > if (ret == -ECANCELED && atomic_read(&fs_info->balance_pause_req)) {\n  >         btrfs_info(fs_info, \"balance: paused\");\n  >         btrfs_exclop_balance(fs_info, BTRFS_EXCLOP_BALANCE_PAUSED);\n  > }"}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/btrfs/volumes.c"],"versions":[{"version":"ddf7e8984c83aee9122552529f4e77291903f8d9","lessThan":"ceb9ba8e30833a4823e2dc73f80ebcdf2498d01a","status":"affected","versionType":"git"},{"version":"72efe5d44821e38540888a5fe3ff3d0faab6acad","lessThan":"ae81329f7de3aa6f34ecdfa5412e72161a30e9ce","status":"affected","versionType":"git"},{"version":"b19c98f237cd76981aaded52c258ce93f7daa8cb","lessThan":"29eefa6d0d07e185f7bfe9576f91e6dba98189c2","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/btrfs/volumes.c"],"versions":[{"version":"6.1.42","lessThan":"6.1.47","status":"affected","versionType":"semver"},{"version":"6.4.7","lessThan":"6.4.12","status":"affected","versionType":"semver"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.42","versionEndExcluding":"6.1.47"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.7","versionEndExcluding":"6.4.12"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/ceb9ba8e30833a4823e2dc73f80ebcdf2498d01a"},{"url":"https://git.kernel.org/stable/c/ae81329f7de3aa6f34ecdfa5412e72161a30e9ce"},{"url":"https://git.kernel.org/stable/c/29eefa6d0d07e185f7bfe9576f91e6dba98189c2"}],"title":"btrfs: fix BUG_ON condition in btrfs_cancel_balance","x_generator":{"engine":"bippy-1.2.0"}}}}