{"id":"CVE-2023-53820","summary":"loop: loop_set_status_from_info() check before assignment","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nloop: loop_set_status_from_info() check before assignment\n\nIn loop_set_status_from_info(), lo-\u003elo_offset and lo-\u003elo_sizelimit should\nbe checked before reassignment, because if an overflow error occurs, the\noriginal correct value will be changed to the wrong value, and it will not\nbe changed back.\n\nMore, the original patch did not solve the problem, the value was set and\nioctl returned an error, but the subsequent io used the value in the loop\ndriver, which still caused an alarm:\n\nloop_handle_cmd\n do_req_filebacked\n  loff_t pos = ((loff_t) blk_rq_pos(rq) \u003c\u003c 9) + lo-\u003elo_offset;\n  lo_rw_aio\n   cmd-\u003eiocb.ki_pos = pos","modified":"2026-03-20T12:33:21.904752Z","published":"2025-12-09T01:24:29.417Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53820.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/258809bf22bf71d53247856f374f2b1d055f2fd4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2ea7077748e5d7cc64f1c31342c802fe66ea7426"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3e7d0968203d668af6036b9f9199c7b62c8a3581"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4be26d553a3f1d4f54f25353d1496c562002126d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6bdf4e6dfb60cbb6121ccf027d97ed2ec97c0bcb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/832580af82ace363205039a8e7c4ef04552ccc1a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/861021710bba9dfa0749a3c209a6c1773208b1f1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9f6ad5d533d1c71e51bdd06a5712c4fbc8768dfa"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c79a924ed6afac1708dfd370ba66bcf6a852ced6"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53820.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53820"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2035c770bfdbcc82bd52e05871a7c82db9529e0f"},{"fixed":"6bdf4e6dfb60cbb6121ccf027d97ed2ec97c0bcb"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a217715338fd48f72114725aa7a40e484a781ca7"},{"fixed":"832580af82ace363205039a8e7c4ef04552ccc1a"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"13b2856037a651ba3ab4a8b25ecab3e791926da3"},{"fixed":"2ea7077748e5d7cc64f1c31342c802fe66ea7426"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b40877b8562c5720d0a7fce20729f56b75a3dede"},{"fixed":"861021710bba9dfa0749a3c209a6c1773208b1f1"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6858933131d0dadac071c4d33335a9ea4b8e76cf"},{"fixed":"c79a924ed6afac1708dfd370ba66bcf6a852ced6"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0455bef69028c65065f16bb04635591b2374249b"},{"fixed":"3e7d0968203d668af6036b9f9199c7b62c8a3581"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c490a0b5a4f36da3918181a8acdc6991d967c5f3"},{"fixed":"4be26d553a3f1d4f54f25353d1496c562002126d"},{"fixed":"258809bf22bf71d53247856f374f2b1d055f2fd4"},{"fixed":"9f6ad5d533d1c71e51bdd06a5712c4fbc8768dfa"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"18e28817cb516b39de6281f6db9b0618b2cc7b42"},{"last_affected":"adf0112d9b8acb03485624220b4934f69bf13369"},{"last_affected":"9be7fa7ead18a48940df7b59d993bbc8b9055c15"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53820.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.19.312"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.274"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.173"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.100"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.18"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.0.0"},{"fixed":"6.2.5"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53820.json"}}],"schema_version":"1.7.5"}