CVE-2023-53129

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix deadlock during directory rename As lockdep properly warns, we should not be locking i_rwsem while having transactions started as the proper lock ordering used by all directory handling operations is i_rwsem -> transaction start. Fix the lock ordering by moving the locking of the directory earlier in ext4_rename().

References

https://git.kernel.org/stable/c/b113f90204479f55a17295bedf0cc966a60c7a56

https://git.kernel.org/stable/c/a2bc806e95bde8de3a0d675051d9ae78dcf6c691

https://git.kernel.org/stable/c/6b06c4ae64e3557a19b3bb0b6dbf641bc41fc218

https://git.kernel.org/stable/c/3c92792da8506a295afb6d032b4476e46f979725

https://git.kernel.org/stable/c/352c728653a1179ce7bb37a4c8aa8404d83914a2

https://git.kernel.org/stable/c/2ef7f829214fa8f428d953b49557b89b2b02db66

Details

Source: Mitre, NVD

Published: 2025-05-02

Updated: 2025-05-02

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024