Home

Description

In the Linux kernel, the following vulnerability has been resolved: ext4: turn quotas off if mount failed after enabling quotas Yi found during a review of the patch "ext4: don't BUG on inconsistent journal feature" that when ext4_mark_recovery_complete() returns an error value, the error handling path does not turn off the enabled quotas, which triggers the following kmemleak: ================================================================ unreferenced object 0xffff8cf68678e7c0 (size 64): comm "mount", pid 746, jiffies 4294871231 (age 11.540s) hex dump (first 32 bytes): 00 90 ef 82 f6 8c ff ff 00 00 00 00 41 01 00 00 ............A... c7 00 00 00 bd 00 00 00 0a 00 00 00 48 00 00 00 ............H... backtrace: [<00000000c561ef24>] __kmem_cache_alloc_node+0x4d4/0x880 [<00000000d4e621d7>] kmalloc_trace+0x39/0x140 [<00000000837eee74>] v2_read_file_info+0x18a/0x3a0 [<0000000088f6c877>] dquot_load_quota_sb+0x2ed/0x770 [<00000000340a4782>] dquot_load_quota_inode+0xc6/0x1c0 [<0000000089a18bd5>] ext4_enable_quotas+0x17e/0x3a0 [ext4] [<000000003a0268fa>] __ext4_fill_super+0x3448/0x3910 [ext4] [<00000000b0f2a8a8>] ext4_fill_super+0x13d/0x340 [ext4] [<000000004a9489c4>] get_tree_bdev+0x1dc/0x370 [<000000006e723bf1>] ext4_get_tree+0x1d/0x30 [ext4] [<00000000c7cb663d>] vfs_get_tree+0x31/0x160 [<00000000320e1bed>] do_new_mount+0x1d5/0x480 [<00000000c074654c>] path_mount+0x22e/0xbe0 [<0000000003e97a8e>] do_mount+0x95/0xc0 [<000000002f3d3736>] __x64_sys_mount+0xc4/0x160 [<0000000027d2140c>] do_syscall_64+0x3f/0x90 ================================================================ To solve this problem, we add a "failed_mount10" tag, and call ext4_quota_off_umount() in this tag to release the enabled qoutas.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status
unaffected

11215630aada28307ba555a43138db6ac54fa825 (git) before c327b83c59ee938792a0300df646efac39c7d6a7
affected

11215630aada28307ba555a43138db6ac54fa825 (git) before deef86fa3005cbb61ae8aa5729324c09b3f4ba73
affected

11215630aada28307ba555a43138db6ac54fa825 (git) before 77c3ca1108eb4a26db4f256c42b271a430cebc7d
affected

11215630aada28307ba555a43138db6ac54fa825 (git) before d13f99632748462c32fc95d729f5e754bab06064
affected

60e2824ab30a19c7aaf5a3932bc155d18b2cd816 (git)
affected

a6d49257cbe53c7bca1a0353a6443f53cbed9cc7 (git)
affected

2e7312ddaf629eecf4702b662da477a3bc39c31a (git)
affected

d558851e5ff443b020245b7a1a455c55accf740b (git)
affected

Default status
affected

5.9
affected

Any version before 5.9
unaffected

5.15.121 (semver)
unaffected

6.1.40 (semver)
unaffected

6.4.5 (semver)
unaffected

6.5 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/c327b83c59ee938792a0300df646efac39c7d6a7

git.kernel.org/...c/deef86fa3005cbb61ae8aa5729324c09b3f4ba73

git.kernel.org/...c/77c3ca1108eb4a26db4f256c42b271a430cebc7d

git.kernel.org/...c/d13f99632748462c32fc95d729f5e754bab06064

cve.org (CVE-2023-54153)

nvd.nist.gov (CVE-2023-54153)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.