CVE-2023-54119
Description
In the Linux kernel, the following vulnerability has been resolved:
inotify: Avoid reporting event with invalid wd
When inotify_freeing_mark() races with inotify_handle_inode_event() it can happen that inotify_handle_inode_event() sees that i_mark->wd got already reset to -1 and reports this value to userspace which can confuse the inotify listener. Avoid the problem by validating that wd is sensible (and pretend the mark got removed before the event got generated otherwise).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
In the Linux kernel's inotify subsystem, a race condition can report events with an invalid watch descriptor (-1) to user space.
Vulnerability
Details
The vulnerability arises from a race condition between inotify_freeing_mark() and inotify_handle_inode_event(). When an inotify watch is being freed, the watch descriptor (wd) is reset to -1. If an event is delivered concurrently, inotify_handle_inode_event() may observe the invalid wd value and report it to user space, causing confusion for the listener [1].
Exploitation
Exploiting this requires that a process generates inotify events while the watch for that inode is being torn down. An attacker with the ability to trigger file events (e.g., by writing to a monitored file) could cause events to be reported with an invalid wd. No special privileges beyond access to the inotify API are needed.
Impact
User-space applications using inotify may receive events with a watch descriptor of -1, which is not a valid descriptor. This can lead to incorrect interpretation of events, denial of service, or application crashes if the invalid value is used without validation.
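Added example (not taken from the kernel fix or from this CVE record): a user-space inotify listener that validates wd before using it as a table index, so an event carrying wd == -1 is dropped rather than acted on. The watch_table layout, MAX_WATCHES, the function names and the sample events are assumptions constructed for illustration; IN_Q_OVERFLOW is handled separately because inotify documents wd as -1 for that event.

```c
#include <stdint.h>
#include <string.h>
#include <sys/inotify.h>
#define MAX_WATCHES 8               /* assumption: small table indexed by wd */

struct watch_table {                /* hypothetical listener state */
    const char *path[MAX_WATCHES];  /* NULL = no active watch for this wd */
    unsigned dropped;               /* events rejected by wd validation */
    int overflowed;                 /* IN_Q_OVERFLOW seen, caller must rescan */
};

/* Walk a buffer as returned by read(2) on an inotify fd. Returns the number
 * of events accepted, or -1 if the buffer is truncated or malformed. */
int dispatch_events(struct watch_table *t, const char *buf, size_t len)
{
    size_t off = 0;
    int accepted = 0;
    while (off < len) {
        struct inotify_event ev;
        if (len - off < sizeof ev) return -1;
        memcpy(&ev, buf + off, sizeof ev);          /* no unaligned reads */
        if (ev.len > len - off - sizeof ev) return -1;
        off += sizeof ev + ev.len;
        if (ev.mask & IN_Q_OVERFLOW) { t->overflowed = 1; continue; }
        /* Any other event must name a live watch; never index with raw wd. */
        if (ev.wd < 0 || ev.wd >= MAX_WATCHES || !t->path[ev.wd]) {
            t->dropped++;
            continue;
        }
        if (ev.mask & IN_IGNORED) t->path[ev.wd] = NULL;  /* watch is gone */
        accepted++;
    }
    return accepted;
}

/* Constructed sample input: append one nameless event, return new offset. */
size_t put_event(char *buf, size_t off, int wd, uint32_t mask)
{
    struct inotify_event ev = { .wd = wd, .mask = mask };
    memcpy(buf + off, &ev, sizeof ev);
    return off + sizeof ev;
}

int main(void)
{
    struct watch_table t = { .path = { [1] = "/tmp/constructed-watch" } };
    char buf[64];
    size_t n = put_event(buf, put_event(buf, 0, 1, IN_MODIFY), -1, IN_MODIFY);
    return dispatch_events(&t, buf, n) == 1 && t.dropped == 1 ? 0 : 1;
}
```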
Mitigation
The fix is included in Linux kernel stable commits (e.g., commit [1]). Users should apply the latest stable kernel updates to resolve the race condition. No workarounds other than upgrading are known.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 7
8fb33166aed8, 2d65c97777e5, 17ad86d8c122, 145f54ea336b, fb3294998489, a48bacee0586, c915d8f5918b
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References: 7
- git.kernel.org/stable/c/145f54ea336b06cf4f92eeee996f2ffca939ea43 (nvd)
- git.kernel.org/stable/c/17ad86d8c12220de97e80d88b5b4c934a40e1812 (nvd)
- git.kernel.org/stable/c/2d65c97777e5b4a845637800d5d7b648f5772106 (nvd)
- git.kernel.org/stable/c/8fb33166aed888769ea63d6af49515893f8a1f14 (nvd)
- git.kernel.org/stable/c/a48bacee05860c6089c3482bcdc80720b0ee5732 (nvd)
- git.kernel.org/stable/c/c915d8f5918bea7c3962b09b8884ca128bfd9b0c (nvd)
- git.kernel.org/stable/c/fb3294998489d39835006240e9c6e6b2ac62022e (nvd)