CVE-2023-54272

Published: Dec 30, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a possible null-pointer dereference in ni_clear() In a previous commit c1006bd13146, ni->mi.mrec in ni_write_inode() could be NULL, and thus a NULL check is added for this variable. However, in the same call stack, ni->mi.mrec can be also dereferenced in ni_clear(): ntfs_evict_inode(inode) ni_write_inode(inode, ...) ni = ntfs_i(inode); is_rec_inuse(ni->mi.mrec) -> Add a NULL check by previous commit ni_clear(ntfs_i(inode)) is_rec_inuse(ni->mi.mrec) -> No check Thus, a possible null-pointer dereference may exist in ni_clear(). To fix it, a NULL check is added in this function.

Vendor	Product	Versions
Linux	Linux	affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < 20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6` affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < 39c6312009574ca73865354133ca222e7753a71b` affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < e7675f85a92233136c630000a0b7cf97826705da` affected `4342306f0f0d5ff4315a204d315c1b51b914fca5 - < ec275bf9693d19cc0fdce8436f4c425ced86f6e7`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `5.15.113 - <= 5.15.` unaffected `6.1.81 - <= 6.1.` unaffected `6.3.4 - <= 6.3.*` +1 more versions

References

https://git.kernel.org/stable/c/20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6

https://git.kernel.org/stable/c/39c6312009574ca73865354133ca222e7753a71b

https://git.kernel.org/stable/c/e7675f85a92233136c630000a0b7cf97826705da

https://git.kernel.org/stable/c/ec275bf9693d19cc0fdce8436f4c425ced86f6e7

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-54272

Description

Affected Products

References