{"id":"AZL-71885","summary":"CVE-2023-53323 affecting package kernel 5.15.200.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\next2/dax: Fix ext2_setsize when len is page aligned\n\nPAGE_ALIGN(x) macro gives the next highest value which is multiple of\npagesize. But if x is already page aligned then it simply returns x.\nSo, if x passed is 0 in dax_zero_range() function, that means the\nlength gets passed as 0 to -\u003eiomap_begin().\n\nIn ext2 it then calls ext2_get_blocks -\u003e max_blocks as 0 and hits bug_on\nhere in ext2_get_blocks().\n\tBUG_ON(maxblocks == 0);\n\nInstead we should be calling dax_truncate_page() here which takes\ncare of it. i.e. it only calls dax_zero_range if the offset is not\npage/block aligned.\n\nThis can be easily triggered with following on fsdax mounted pmem\ndevice.\n\ndd if=/dev/zero of=file count=1 bs=512\ntruncate -s 0 file\n\n[79.525838] EXT2-fs (pmem0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk\n[79.529376] ext2 filesystem being mounted at /mnt1/test supports timestamps until 2038 (0x7fffffff)\n[93.793207] ------------[ cut here ]------------\n[93.795102] kernel BUG at fs/ext2/inode.c:637!\n[93.796904] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[93.798659] CPU: 0 PID: 1192 Comm: truncate Not tainted 6.3.0-rc2-xfstests-00056-g131086faa369 #139\n[93.806459] RIP: 0010:ext2_get_blocks.constprop.0+0x524/0x610\n\u003c...\u003e\n[93.835298] Call Trace:\n[93.836253]  \u003cTASK\u003e\n[93.837103]  ? lock_acquire+0xf8/0x110\n[93.838479]  ? d_lookup+0x69/0xd0\n[93.839779]  ext2_iomap_begin+0xa7/0x1c0\n[93.841154]  iomap_iter+0xc7/0x150\n[93.842425]  dax_zero_range+0x6e/0xa0\n[93.843813]  ext2_setsize+0x176/0x1b0\n[93.845164]  ext2_setattr+0x151/0x200\n[93.846467]  notify_change+0x341/0x4e0\n[93.847805]  ? lock_acquire+0xf8/0x110\n[93.849143]  ? do_truncate+0x74/0xe0\n[93.850452]  ? do_truncate+0x84/0xe0\n[93.851739]  do_truncate+0x84/0xe0\n[93.852974]  do_sys_ftruncate+0x2b4/0x2f0\n[93.854404]  do_syscall_64+0x3f/0x90\n[93.855789]  entry_SYSCALL_64_after_hwframe+0x72/0xdc","modified":"2026-04-01T05:22:06.331331Z","published":"2025-09-16T17:15:38Z","upstream":["CVE-2023-53323"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53323"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.15.200.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-71885.json"}}],"schema_version":"1.7.5"}