{"id":"CVE-2023-53695","summary":"udf: Detect system inodes linked into directory hierarchy","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Detect system inodes linked into directory hierarchy\n\nWhen UDF filesystem is corrupted, hidden system inodes can be linked\ninto directory hierarchy which is an avenue for further serious\ncorruption of the filesystem and kernel confusion as noticed by syzbot\nfuzzed images. Refuse to access system inodes linked into directory\nhierarchy and vice versa.","modified":"2026-03-20T12:33:18.147900Z","published":"2025-10-22T13:23:36.524Z","related":["SUSE-SU-2025:4111-1","SUSE-SU-2025:4139-1","SUSE-SU-2025:4149-1","SUSE-SU-2025:4189-1","SUSE-SU-2025:4320-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53695.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1dc71eeb198a8daa17d0c995998a53b0b749a158"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1f328751b65c49c13a312d67a3bf27766b85baf7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/37e74003d81e79457535cbbdfa1603431c03fac0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/85a37983ec69cc9fcd188bc37c4de15ee326355a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9e3b5ef7d02eaa6553e79b4af9bd99227280f245"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a44ec34b90440ada190924f5908b97026504fdcd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d747b31e2925a2f384e7dd1901a2e5bc5f984ed8"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53695.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53695"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6174c2eb8ecef271159bdcde460ce8af54d8f72f"},{"fixed":"1dc71eeb198a8daa17d0c995998a53b0b749a158"},{"fixed":"d747b31e2925a2f384e7dd1901a2e5bc5f984ed8"},{"fixed":"a44ec34b90440ada190924f5908b97026504fdcd"},{"fixed":"37e74003d81e79457535cbbdfa1603431c03fac0"},{"fixed":"1f328751b65c49c13a312d67a3bf27766b85baf7"},{"fixed":"9e3b5ef7d02eaa6553e79b4af9bd99227280f245"},{"fixed":"85a37983ec69cc9fcd188bc37c4de15ee326355a"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"801c7a20d255e300ab51a6fcb1d0e218d136b16f"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53695.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.18.0"},{"fixed":"4.19.278"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.235"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.173"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.99"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53695.json"}}],"schema_version":"1.7.5"}