{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-54063","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-24T12:21:05.092Z","datePublished":"2025-12-24T12:23:09.346Z","dateUpdated":"2026-05-11T19:54:45.769Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:54:45.769Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix OOB read in indx_insert_into_buffer\n\nSyzbot reported a OOB read bug:\n\nBUG: KASAN: slab-out-of-bounds in indx_insert_into_buffer+0xaa3/0x13b0\nfs/ntfs3/index.c:1755\nRead of size 17168 at addr ffff8880255e06c0 by task syz-executor308/3630\n\nCall Trace:\n <TASK>\n memmove+0x25/0x60 mm/kasan/shadow.c:54\n indx_insert_into_buffer+0xaa3/0x13b0 fs/ntfs3/index.c:1755\n indx_insert_entry+0x446/0x6b0 fs/ntfs3/index.c:1863\n ntfs_create_inode+0x1d3f/0x35c0 fs/ntfs3/inode.c:1548\n ntfs_create+0x3e/0x60 fs/ntfs3/namei.c:100\n lookup_open fs/namei.c:3413 [inline]\n\nIf the member struct INDEX_BUFFER *index of struct indx_node is\nincorrect, that is, the value of __le32 used is greater than the value\nof __le32 total in struct INDEX_HDR. Therefore, OOB read occurs when\nmemmove is called in indx_insert_into_buffer().\nFix this by adding a check in hdr_find_e()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ntfs3/index.c"],"versions":[{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"cd7e1d67924081717c5c96ead758a1a77867689a","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"17048287ac79abd33b275ac3b5738285d406481b","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"a7e5dba10ba1402dd6c2f961a70320770865c4a5","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"4bf3b564e27a518f158a83d5e1a50064ed6136a0","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"b8c44949044e5f7f864525fdffe8e95135ce9ce5","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ntfs3/index.c"],"versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","status":"unaffected","versionType":"semver"},{"version":"5.15.111","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.28","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.2.15","lessThanOrEqual":"6.2.*","status":"unaffected","versionType":"semver"},{"version":"6.3.2","lessThanOrEqual":"6.3.*","status":"unaffected","versionType":"semver"},{"version":"6.4","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.15.111"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.1.28"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.2.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.3.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/cd7e1d67924081717c5c96ead758a1a77867689a"},{"url":"https://git.kernel.org/stable/c/17048287ac79abd33b275ac3b5738285d406481b"},{"url":"https://git.kernel.org/stable/c/a7e5dba10ba1402dd6c2f961a70320770865c4a5"},{"url":"https://git.kernel.org/stable/c/4bf3b564e27a518f158a83d5e1a50064ed6136a0"},{"url":"https://git.kernel.org/stable/c/b8c44949044e5f7f864525fdffe8e95135ce9ce5"}],"title":"fs/ntfs3: Fix OOB read in indx_insert_into_buffer","x_generator":{"engine":"bippy-1.2.0"}}}}