{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-53023","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2026-06-09T07:44:35.379Z","datePublished":"2026-06-24T16:29:32.440Z","dateUpdated":"2026-06-24T16:29:32.440Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-06-24T16:29:32.440Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: terminate the cached volume label after UTF-8 conversion\n\nntfs_fill_super() loads the on-disk volume label with utf16s_to_utf8s()\nand stores the result in sbi->volume.label. The converted label is later\nexposed through ntfs3_label_show() using %s, but utf16s_to_utf8s() only\nreturns the number of bytes written and does not add a trailing NUL.\n\nIf the converted label fills the entire fixed buffer,\nntfs3_label_show() can read past the end of sbi->volume.label while\nlooking for a terminator.\n\nTerminate the cached label explicitly after a successful conversion and\nclamp the exact-full case to the last byte of the buffer."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ntfs3/super.c"],"versions":[{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"32b0686369e0afbb3549a0d93e2d8517da84cd30","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"bc7a0c34c4ca259cfddf3bc18fc5b3c6411d26ed","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"0b11fcbe80a59acdf58337d80ebb5f72201d73d6","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"54d564b762389679e2f8fb9eeb20af7e82371e1c","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"6136bbb054f7ab9f51ae99915541633b18bcef90","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"5cd0707b81cb4589f00aec5c4c1288bd0980d2a4","status":"affected","versionType":"git"},{"version":"82cae269cfa953032fbb8980a7d554d60fb00b17","lessThan":"a6cd43fe9b083fa23fe1595666d5738856cb261a","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/ntfs3/super.c"],"versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","status":"unaffected","versionType":"semver"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","status":"unaffected","versionType":"semver"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","status":"unaffected","versionType":"semver"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","status":"unaffected","versionType":"semver"},{"version":"7.1","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.15.209"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.1.175"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.6.141"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.12.91"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.18.33"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"7.0.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"7.1"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/32b0686369e0afbb3549a0d93e2d8517da84cd30"},{"url":"https://git.kernel.org/stable/c/bc7a0c34c4ca259cfddf3bc18fc5b3c6411d26ed"},{"url":"https://git.kernel.org/stable/c/0b11fcbe80a59acdf58337d80ebb5f72201d73d6"},{"url":"https://git.kernel.org/stable/c/54d564b762389679e2f8fb9eeb20af7e82371e1c"},{"url":"https://git.kernel.org/stable/c/6136bbb054f7ab9f51ae99915541633b18bcef90"},{"url":"https://git.kernel.org/stable/c/5cd0707b81cb4589f00aec5c4c1288bd0980d2a4"},{"url":"https://git.kernel.org/stable/c/a6cd43fe9b083fa23fe1595666d5738856cb261a"}],"title":"fs/ntfs3: terminate the cached volume label after UTF-8 conversion","x_generator":{"engine":"bippy-1.2.0"}}}}