{"id":"CVE-2023-54119","summary":"inotify: Avoid reporting event with invalid wd","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ninotify: Avoid reporting event with invalid wd\n\nWhen inotify_freeing_mark() races with inotify_handle_inode_event() it\ncan happen that inotify_handle_inode_event() sees that i_mark-\u003ewd got\nalready reset to -1 and reports this value to userspace which can\nconfuse the inotify listener. Avoid the problem by validating that wd is\nsensible (and pretend the mark got removed before the event got\ngenerated otherwise).","modified":"2026-05-18T05:57:12.694375235Z","published":"2025-12-24T13:06:39.692Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0316-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54119.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/145f54ea336b06cf4f92eeee996f2ffca939ea43"},{"type":"WEB","url":"https://git.kernel.org/stable/c/17ad86d8c12220de97e80d88b5b4c934a40e1812"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2d65c97777e5b4a845637800d5d7b648f5772106"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8fb33166aed888769ea63d6af49515893f8a1f14"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a48bacee05860c6089c3482bcdc80720b0ee5732"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c915d8f5918bea7c3962b09b8884ca128bfd9b0c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fb3294998489d39835006240e9c6e6b2ac62022e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54119.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54119"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7e790dd5fc937bc8d2400c30a05e32a9e9eef276"},{"fixed":"8fb33166aed888769ea63d6af49515893f8a1f14"},{"fixed":"2d65c97777e5b4a845637800d5d7b648f5772106"},{"fixed":"17ad86d8c12220de97e80d88b5b4c934a40e1812"},{"fixed":"145f54ea336b06cf4f92eeee996f2ffca939ea43"},{"fixed":"fb3294998489d39835006240e9c6e6b2ac62022e"},{"fixed":"a48bacee05860c6089c3482bcdc80720b0ee5732"},{"fixed":"c915d8f5918bea7c3962b09b8884ca128bfd9b0c"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54119.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.31"},{"fixed":"5.4.243"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.180"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.112"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.29"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.3.0"},{"fixed":"6.3.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54119.json"}}],"schema_version":"1.7.5"}