VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026

CVE-2023-54151

CVE-2023-54151

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: Fix system crash due to lack of free space in LFS

When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data migration exceeds free space. The reproduction sequence is as follows.

  • 20GiB capacity block device (null_blk)
  • format and mount with LFS mode
  • create a file and write 20,000MiB
  • 4k random write on full range of the file

RIP: 0010:new_curseg+0x48a/0x510 [f2fs] Code: 55 e7 f5 89 c0 48 0f af c3 48 8b 5d c0 48 c1 e8 20 83 c0 01 89 43 6c 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc <0f> 0b f0 41 80 4f 48 04 45 85 f6 0f 84 ba fd ff ff e9 ef fe ff ff RSP: 0018:ffff977bc397b218 EFLAGS: 00010246 RAX: 00000000000027b9 RBX: 0000000000000000 RCX: 00000000000027c0 RDX: 0000000000000000 RSI: 00000000000027b9 RDI: ffff8c25ab4e74f8 RBP: ffff977bc397b268 R08: 00000000000027b9 R09: ffff8c29e4a34b40 R10: 0000000000000001 R11: ffff977bc397b0d8 R12: 0000000000000000 R13: ffff8c25b4dd81a0 R14: 0000000000000000 R15: ffff8c2f667f9000 FS: 0000000000000000(0000) GS:ffff8c344ec80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000c00055d000 CR3: 0000000e30810003 CR4: 00000000003706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace:

allocate_segment_by_default+0x9c/0x110 [f2fs] f2fs_allocate_data_block+0x243/0xa30 [f2fs] ? __mod_lruvec_page_state+0xa0/0x150 do_write_page+0x80/0x160 [f2fs] f2fs_do_write_node_page+0x32/0x50 [f2fs] __write_node_page+0x339/0x730 [f2fs] f2fs_sync_node_pages+0x5a6/0x780 [f2fs] block_operations+0x257/0x340 [f2fs] f2fs_write_checkpoint+0x102/0x1050 [f2fs] f2fs_gc+0x27c/0x630 [f2fs] ? folio_mark_dirty+0x36/0x70 f2fs_balance_fs+0x16f/0x180 [f2fs]

This patch adds checking whether free sections are enough before checkpoint during gc.

[Jaegeuk Kim: code clean-up]

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

In LFS mode, f2fs checkpoint during foreground garbage collection (GC) can crash the system when dirty node/dentry pages from data migration exceeds free space.

Vulnerability

Analysis

CVE-2023-54151 is a denial-of-service vulnerability in the Linux kernel's f2fs filesystem. When the filesystem is formatted and mounted in LFS (Log-structured File System) mode, performing a checkpoint during foreground garbage collection (GC) can trigger a system crash (oops). The crash occurs because the amount of dirty node and dentry pages generated by data migration surpasses the available free space. The fix adds a check to ensure enough free sections are available before proceeding with the checkpoint during GC.

Exploitation

To trigger the vulnerability, an attacker must have write access to a mounted f2fs filesystem in LFS mode on a 20 GiB capacity block device (like null_blk). The sequence involves creating a file, writing nearly 20,000 MiB of data, and then performing 4k random writes across the full file range. During subsequent foreground garbage collection, the system attempts a checkpoint, but due to the free space shortage, it hits a kernel panic as shown in the call trace, with the crash point at new_curseg+0x48a [1].

Impact

A local user with the ability to write to the filesystem can cause a kernel panic, leading to a denial of service that affects the entire system. The crash is confirmed by the reproduction steps and the stack trace provided, which ends with f2fs_gc triggering the failure [1].

Mitigation

The vulnerability has been patched in the Linux kernel. The fix is included in the stable kernel tree, as indicated by the commit references [1][2]. Users should update their kernel to a version containing the patch. No workarounds are mentioned; the recommended action is to apply the kernel update.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

3
f4631d295ae3
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
ce71c61d661c
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
d11cef14f814
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.