CVE-2023-54119
Published: Dec 24, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: inotify: Avoid reporting event with invalid wd When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 and reports this value to userspace which can confuse the inotify listener. Avoid the problem by validating that wd is sensible (and pretend the mark got removed before the event got generated otherwise).
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 7e790dd5fc937bc8d2400c30a05e32a9e9eef276 - < 8fb33166aed888769ea63d6af49515893f8a1f14affected 7e790dd5fc937bc8d2400c30a05e32a9e9eef276 - < 2d65c97777e5b4a845637800d5d7b648f5772106affected 7e790dd5fc937bc8d2400c30a05e32a9e9eef276 - < 17ad86d8c12220de97e80d88b5b4c934a40e1812affected 7e790dd5fc937bc8d2400c30a05e32a9e9eef276 - < 145f54ea336b06cf4f92eeee996f2ffca939ea43affected 7e790dd5fc937bc8d2400c30a05e32a9e9eef276 - < fb3294998489d39835006240e9c6e6b2ac62022e+2 more versions |
Linux | Linux | affected 2.6.31unaffected 0 - < 2.6.31unaffected 5.4.243 - <= 5.4.*unaffected 5.10.180 - <= 5.10.*unaffected 5.15.112 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now