Unrated severityNVD Advisory· Published Mar 2, 2024· Updated May 4, 2025

netfs: Only call folio_start_fscache() one time for each folio

CVE-2023-52582

Description

In the Linux kernel, the following vulnerability has been resolved:

If a network filesystem using netfs implements a clamp_length() function, it can set subrequest lengths smaller than a page size.

When we loop through the folios in netfs_rreq_unlock_folios() to set any folios to be written back, we need to make sure we only call folio_start_fscache() once for each folio.

Otherwise, this simple testcase:

mount -o fsc,rsize=1024,wsize=1024 127.0.0.1:/export /mnt/nfs dd if=/dev/zero of=/mnt/nfs/file.bin bs=4096 count=1 1+0 records in 1+0 records out 4096 bytes (4.1 kB, 4.0 KiB) copied, 0.0126359 s, 324 kB/s echo 3 > /proc/sys/vm/drop_caches cat /mnt/nfs/file.bin > /dev/null

will trigger an oops similar to the following:

page dumped because: VM_BUG_ON_FOLIO(folio_test_private_2(folio)) ------------[ cut here ]------------ kernel BUG at include/linux/netfs.h:44! ... CPU: 5 PID: 134 Comm: kworker/u16:5 Kdump: loaded Not tainted 6.4.0-rc5 ... RIP: 0010:netfs_rreq_unlock_folios+0x68e/0x730 [netfs] ... Call Trace: netfs_rreq_assess+0x497/0x660 [netfs] netfs_subreq_terminated+0x32b/0x610 [netfs] nfs_netfs_read_completion+0x14e/0x1a0 [nfs] nfs_read_completion+0x2f9/0x330 [nfs] rpc_free_task+0x72/0xa0 [sunrpc] rpc_async_release+0x46/0x70 [sunrpc] process_one_work+0x3bd/0x710 worker_thread+0x89/0x610 kthread+0x181/0x1c0 ret_from_fork+0x29/0x50

Affected products

100

osv-coords99 versions
pkg:rpm/opensuse/dtb-aarch64&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-64kb&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%20Micro%205.3 pkg:rpm/opensuse/kernel-default-base&distro=openSUSE%20Leap%20Micro%205.4 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%20Micro%205.3 pkg:rpm/opensuse/kernel-default&distro=openSUSE%20Leap%20Micro%205.4 pkg:rpm/opensuse/kernel-docs&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-kvmsmall&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-build&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-obs-qa&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt_debug&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.3 pkg:rpm/opensuse/kernel-rt&distro=openSUSE%20Leap%20Micro%205.4 pkg:rpm/opensuse/kernel-source-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-source-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-azure&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-syms-rt&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/kernel-zfcpdump&distro=openSUSE%20Leap%2015.5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_25&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4 pkg:rpm/suse/kernel-livepatch-SLE15-SP5-RT_Update_13&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_12&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-rt_debug&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-source-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-syms-azure&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4 pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Proxy%204.3 pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Server%204.3 pkg:rpm/suse/kernel-syms-rt&distro=SUSE%20Real%20Time%20Module%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Manager%20Server%204.3
< 5.14.21-150500.55.59.1+ 98 more
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.33.48.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1.150500.6.25.7
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150400.15.76.1
- (no CPE)range: < 5.14.21-150400.15.76.1
- (no CPE)range: < 5.14.21-150500.33.48.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.33.48.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.33.48.1
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150500.55.59.1.150500.6.25.7
- (no CPE)range: < 5.14.21-150500.55.59.1.150500.6.25.7
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1.150400.24.54.5
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 1-150400.9.5.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 1-150500.11.7.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150400.15.76.1
- (no CPE)range: < 5.14.21-150400.15.76.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.33.48.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.15.76.1
- (no CPE)range: < 5.14.21-150400.15.76.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.33.48.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150500.13.47.1
- (no CPE)range: < 5.14.21-150500.55.59.1
- (no CPE)range: < 5.14.21-150400.24.116.1
- (no CPE)range: < 5.14.21-150400.24.116.1
Linux/Linuxcpe-rescue
Range: 5.13

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000