CVE-2023-54194
Description
In the Linux kernel, the following vulnerability has been resolved:
exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree
The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs uses kmalloc_array due to system memory fragmentation, while the u-disk was inserted without recognition. Devices such as u-disk using the exfat file system are pluggable and may be inserted into the system at any time. However, long-term running systems cannot guarantee the continuity of physical memory. Therefore, it's necessary to address this issue.
Binder:2632_6: page allocation failure: order:4, mode:0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null)
Call trace:
[242178.097582] dump_backtrace+0x0/0x4
[242178.097589] dump_stack+0xf4/0x134
[242178.097598] warn_alloc+0xd8/0x144
[242178.097603] __alloc_pages_nodemask+0x1364/0x1384
[242178.097608] kmalloc_order+0x2c/0x510
[242178.097612] kmalloc_order_trace+0x40/0x16c
[242178.097618] __kmalloc+0x360/0x408
[242178.097624] load_alloc_bitmap+0x160/0x284
[242178.097628] exfat_fill_super+0xa3c/0xe7c
[242178.097635] mount_bdev+0x2e8/0x3a0
[242178.097638] exfat_fs_mount+0x40/0x50
[242178.097643] mount_fs+0x138/0x2e8
[242178.097649] vfs_kern_mount+0x90/0x270
[242178.097655] do_mount+0x798/0x173c
[242178.097659] ksys_mount+0x114/0x1ac
[242178.097665] __arm64_sys_mount+0x24/0x34
[242178.097671] el0_svc_common+0xb8/0x1b8
[242178.097676] el0_svc_handler+0x74/0x90
[242178.097681] el0_svc+0x8/0x340
By analyzing the exfat code, we found that continuous physical memory is not required here, so using kvmalloc_array can solve this problem.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Linux kernel exfat driver uses kvmalloc_array/kvfree to prevent mount failures on memory-fragmented systems.
Description
CVE-2023-54194 addresses a memory allocation failure in the Linux kernel's exfat file system driver when mounting removable media such as USB disks. The bug occurred in the load_alloc_bitmap function, which used kmalloc_array to allocate memory for the allocation bitmap. In long-running systems, physical memory fragmentation can prevent kmalloc_array from allocating contiguous pages, leading to a kernel warning and mount failure [1].
Attack Vector and Requirements
To trigger the vulnerability, an attacker needs physical access to the system to insert a removable device formatted with exfat, or the ability to cause such a device to be connected. No special privileges are required beyond the ability to mount a filesystem. The condition manifests when the system has been running for an extended period and system memory is fragmented, causing a high-order allocation to fail [1].
Impact
When triggered, the kernel logs a "page allocation failure" warning and the exfat filesystem fails to mount, making the device inaccessible. This constitutes a denial of service (DoS) for the removable storage functionality. The vulnerability does not allow privilege escalation or arbitrary code execution; it only prevents legitimate use of exfat-formatted media [1].
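A triage sketch for the warning described above, added here as an example and not taken from the CVE record or the kernel patch: it groups a "page allocation failure" header with its stack frames, then reports how much contiguous memory was requested and whether the request came through kmalloc on the exfat mount path. The sample log is constructed from the trace in the description; the 4 KiB page size and the names `parse_failures` and `classify` are assumptions.

```python
import re

# Constructed sample: header and selected frames from the trace quoted in the description.
SAMPLE = """\
Binder:2632_6: page allocation failure: order:4, mode:0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null)
Call trace:
[242178.097608] kmalloc_order+0x2c/0x510
[242178.097618] __kmalloc+0x360/0x408
[242178.097624] load_alloc_bitmap+0x160/0x284
[242178.097628] exfat_fill_super+0xa3c/0xe7c
[242178.097635] mount_bdev+0x2e8/0x3a0
"""

STAMP = r"(?:\[\s*\d+\.\d+\]\s+)?"   # optional dmesg timestamp
HEADER = re.compile(STAMP + r"(?P<task>.+?): page allocation failure: "
                    r"order:(?P<order>\d+), mode:0x[0-9a-f]+\((?P<flags>[^)]*)\)")
FRAME = re.compile(STAMP + r"(?P<sym>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
PAGE_SIZE = 4096  # assumption: 4 KiB pages; some arm64 kernels use 16 or 64 KiB


def parse_failures(text):
    """Group each allocation-failure header with the stack frames that follow it."""
    events = []
    for line in map(str.strip, text.splitlines()):
        head = HEADER.match(line)
        if head:
            events.append({"task": head["task"], "order": int(head["order"]),
                           "flags": head["flags"].split("|"), "frames": []})
            continue
        frame = FRAME.match(line)
        if frame and events:
            events[-1]["frames"].append(frame["sym"])
    return events


def classify(event):
    """Report the contiguous size requested and whether the exfat mount path asked for it."""
    frames = event["frames"]
    return {
        "contiguous_bytes": PAGE_SIZE << event["order"],
        "via_kmalloc": any(f in ("__kmalloc", "kmalloc_order") for f in frames),
        "exfat_mount": "mount_bdev" in frames
                       and any(f.startswith("exfat_") for f in frames),
    }


if __name__ == "__main__":
    for ev in parse_failures(SAMPLE):
        print(ev["task"], ev["order"], classify(ev))
```

An event with both `via_kmalloc` and `exfat_mount` set matches the failure signature in the description and indicates a kernel without the kvmalloc_array change.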
Mitigation
The fix changes the allocation from kmalloc_array to kvmalloc_array, which can fall back to vmalloc if contiguous physical memory is unavailable, and uses kvfree for deallocation [1]. The patch has been applied to the upstream Linux kernel and should be backported to stable kernels as needed. Users should update their kernel to include the fix or apply the patch from the stable commit [1]. No workaround is available other than avoiding exfat on fragmented systems or ensuring sufficient contiguous memory.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 2
Patches: 5
79d16a84ea41, 8a34a242cf03, 1427a7e96fb9, 0c5c3e8a2550, daf60d6cca26
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References (5)
- git.kernel.org/stable/c/0c5c3e8a2550b6b2a304b45f260296db9c09df96 (nvd)
- git.kernel.org/stable/c/1427a7e96fb90d0896f74f5bcd21feb03cc7c3d0 (nvd)
- git.kernel.org/stable/c/79d16a84ea41272dfcb0c00f9798ddd0edd8098d (nvd)
- git.kernel.org/stable/c/8a34a242cf03211cc89f68308d149b793f63c479 (nvd)
- git.kernel.org/stable/c/daf60d6cca26e50d65dac374db92e58de745ad26 (nvd)