CVE-2023-54317
Published: Dec 30, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function __blkdev_issue_zero_pages submits a write bio with the bio vector pointing to the zero page. If we use dm-flakey with corrupt bio writes option, it will corrupt the content of the zero page which results in crashes of various userspace programs. Glibc assumes that memory returned by mmap is zeroed and it uses it for calloc implementation; if the newly mapped memory is not zeroed, calloc will return non-zeroed memory. Fix this bug by testing if the page is equal to ZERO_PAGE(0) and avoiding the corruption in this case.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected c6cd92fcabd6cc78bb1808c6a18245c842722fc1 - < b7f8892f672222dbfcc721f51edc03963212b249affected d4c637af2e56ee1ec66ee34d0ac5a13c75911aec - < 98e311be44dbe31ad9c42aa067b2359bac451fdaaffected a00f5276e26636cbf72f24f79831026d2e2868e7 - < 3c4a56ef7c538d16c1738ba0ccea9e7146105b5aaffected a00f5276e26636cbf72f24f79831026d2e2868e7 - < f2b478228bfdd11e358c5bc197561331f5d5c394affected a00f5276e26636cbf72f24f79831026d2e2868e7 - < ff60b2bb680ebcaf8890814dd51084a022891469+7 more versions |
Linux | Linux | affected 5.0unaffected 0 - < 5.0unaffected 4.14.308 - <= 4.14.*unaffected 4.19.276 - <= 4.19.*unaffected 5.4.235 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now