CVE-2023-53163

Published: Sep 15, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: don't hold ni_lock when calling truncate_setsize() syzbot is reporting hung task at do_user_addr_fault() [1], for there is a silent deadlock between PG_locked bit and ni_lock lock. Since filemap_update_page() calls filemap_read_folio() after calling folio_trylock() which will set PG_locked bit, ntfs_truncate() must not call truncate_setsize() which will wait for PG_locked bit to be cleared when holding ni_lock lock.

Vendor	Product	Versions
Linux	Linux	affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < 8414983c2e649364d8af29080a0869266b31abb6` affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < 6bb6b1c6b0c31e36736b87a39dd1cbbd9d5ec22f` affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < 73fee7e1e5ea11b51c51c46e0577a197ca3602cf` affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < 0226635c304cfd5c9db9b78c259cb713819b057e`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `5.15.87 - <= 5.15.` unaffected `6.0.19 - <= 6.0.` unaffected `6.1.5 - <= 6.1.*` +1 more versions

References

https://git.kernel.org/stable/c/8414983c2e649364d8af29080a0869266b31abb6

https://git.kernel.org/stable/c/6bb6b1c6b0c31e36736b87a39dd1cbbd9d5ec22f

https://git.kernel.org/stable/c/73fee7e1e5ea11b51c51c46e0577a197ca3602cf

https://git.kernel.org/stable/c/0226635c304cfd5c9db9b78c259cb713819b057e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-53163

Description

Affected Products

References