CVE-2023-54272
Description
In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix a possible null-pointer dereference in ni_clear()
In a previous commit c1006bd13146, ni->mi.mrec in ni_write_inode() could be NULL, and thus a NULL check is added for this variable.
However, in the same call stack, ni->mi.mrec can be also dereferenced in ni_clear():
ntfs_evict_inode(inode)
  ni_write_inode(inode, ...)
    ni = ntfs_i(inode);
    is_rec_inuse(ni->mi.mrec) -> Add a NULL check by previous commit
  ni_clear(ntfs_i(inode))
    is_rec_inuse(ni->mi.mrec) -> No check
Thus, a possible null-pointer dereference may exist in ni_clear(). To fix it, a NULL check is added in this function.
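A user-space model of the call stack above, added here as an illustration; it is not the kernel's code or the patch itself. The struct layouts, the flag value, the `cleanup_ran` counter and the `evict_model` helper are assumptions made for the model.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_REC_IN_USE 0x0001u /* constructed flag value for this model */

/* Simplified stand-ins for the ntfs3 objects named in the description. */
struct mft_rec { uint16_t flags; };
struct mft_inode { struct mft_rec *mrec; };            /* models ni->mi */
struct ni_model { struct mft_inode mi; int cleanup_ran; };

/* Reads through rec unconditionally, so every caller must rule out NULL. */
bool is_rec_inuse(const struct mft_rec *rec)
{
    return (rec->flags & MODEL_REC_IN_USE) != 0;
}

/* Shape before the fix: faults if ni->mi.mrec is NULL. */
void ni_clear_unchecked(struct ni_model *ni)
{
    if (is_rec_inuse(ni->mi.mrec))
        ni->cleanup_ran++;      /* placeholder for the real cleanup work */
}

/* Shape after the fix: && short-circuits before the dereference. */
void ni_clear_checked(struct ni_model *ni)
{
    if (ni->mi.mrec && is_rec_inuse(ni->mi.mrec))
        ni->cleanup_ran++;
}

/* Eviction path from the call stack; returns 1 if write-back ran. */
int evict_model(struct ni_model *ni)
{
    int wrote = 0;
    if (ni->mi.mrec && is_rec_inuse(ni->mi.mrec)) /* check from the earlier commit */
        wrote = 1;
    ni_clear_checked(ni);       /* ni_clear_unchecked() here would crash on NULL */
    return wrote;
}

int main(void)
{
    struct ni_model no_record = { { NULL }, 0 };  /* inode with no MFT record */
    printf("wrote=%d cleanup=%d\n", evict_model(&no_record), no_record.cleanup_ran);
    return 0;
}
```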
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A null-pointer dereference in Linux kernel's ntfs3 driver ni_clear() function could cause a crash when evicting an NTFS inode.
Vulnerability
In the Linux kernel's ntfs3 filesystem driver, a null-pointer dereference vulnerability exists in the ni_clear() function. The issue arises because ni->mi.mrec can be NULL when ni_clear() is called from the inode eviction path (ntfs_evict_inode). While a previous commit (c1006bd13146) added a NULL check for ni->mi.mrec in ni_write_inode(), the same dereference occurs in ni_clear() without a corresponding check [1][2].
Exploitation
An attacker would need local access to the system and the ability to trigger inode eviction on a mounted NTFS filesystem. The vulnerability is triggered during normal filesystem operations when the kernel evicts an NTFS inode, leading to a call to ni_clear() with a potentially NULL ni->mi.mrec pointer. No special privileges beyond the ability to interact with the filesystem are required.
Impact
Successful exploitation results in a kernel NULL pointer dereference, causing a system crash (denial of service). The vulnerability does not appear to allow privilege escalation or arbitrary code execution based on the available information.
Mitigation
The fix adds a NULL check for ni->mi.mrec in ni_clear(), preventing the dereference. The patch has been applied to the stable kernel branches as commits 39c631200957 and ec275bf9693d [1][2]. Users should update their kernel to include these patches.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1
Patches
4
20f9bfc664d6
39c631200957
e7675f85a922
ec275bf9693d
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4