{"id":"CVE-2023-54177","summary":"quota: fix warning in dqgrab()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nquota: fix warning in dqgrab()\n\nThere's issue as follows when do fault injection:\nWARNING: CPU: 1 PID: 14870 at include/linux/quotaops.h:51 dquot_disable+0x13b7/0x18c0\nModules linked in:\nCPU: 1 PID: 14870 Comm: fsconfig Not tainted 6.3.0-next-20230505-00006-g5107a9c821af-dirty #541\nRIP: 0010:dquot_disable+0x13b7/0x18c0\nRSP: 0018:ffffc9000acc79e0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88825e41b980\nRDX: 0000000000000000 RSI: ffff88825e41b980 RDI: 0000000000000002\nRBP: ffff888179f68000 R08: ffffffff82087ca7 R09: 0000000000000000\nR10: 0000000000000001 R11: ffffed102f3ed026 R12: ffff888179f68130\nR13: ffff888179f68110 R14: dffffc0000000000 R15: ffff888179f68118\nFS: 00007f450a073740(0000) GS:ffff88882fc00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffe96f2efd8 CR3: 000000025c8ad000 CR4: 00000000000006e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n dquot_load_quota_sb+0xd53/0x1060\n dquot_resume+0x172/0x230\n ext4_reconfigure+0x1dc6/0x27b0\n reconfigure_super+0x515/0xa90\n __x64_sys_fsconfig+0xb19/0xd20\n do_syscall_64+0x39/0xb0\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nAbove issue may happens as follows:\nProcessA ProcessB ProcessC\nsys_fsconfig\n vfs_fsconfig_locked\n reconfigure_super\n ext4_remount\n dquot_suspend -\u003e suspend all type quota\n\n sys_fsconfig\n vfs_fsconfig_locked\n reconfigure_super\n ext4_remount\n dquot_resume\n ret = dquot_load_quota_sb\n add_dquot_ref\n do_open -\u003e open file O_RDWR\n vfs_open\n do_dentry_open\n get_write_access\n atomic_inc_unless_negative(&inode-\u003ei_writecount)\n ext4_file_open\n dquot_file_open\n dquot_initialize\n __dquot_initialize\n dqget\n\t\t\t\t\t\t atomic_inc(&dquot-\u003edq_count);\n\n __dquot_initialize\n __dquot_initialize\n dqget\n if (!test_bit(DQ_ACTIVE_B, &dquot-\u003edq_flags))\n ext4_acquire_dquot\n\t\t\t -\u003e Return error DQ_ACTIVE_B flag isn't set\n dquot_disable\n\t\t\t invalidate_dquots\n\t\t\t if (atomic_read(&dquot-\u003edq_count))\n\t dqgrab\n\t\t\t WARN_ON_ONCE(!test_bit(DQ_ACTIVE_B, &dquot-\u003edq_flags))\n\t -\u003e Trigger warning\n\nIn the above scenario, 'dquot-\u003edq_flags' has no DQ_ACTIVE_B is normal when\ndqgrab().\nTo solve above issue just replace the dqgrab() use in invalidate_dquots() with\natomic_inc(&dquot-\u003edq_count).","modified":"2026-03-31T17:29:25.898225Z","published":"2025-12-30T12:08:49.588Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:0316-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54177.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/3f378783c47b5749317ea008d8c931d6d3986d8f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/579d814de87c3cac69c9b261efa165d07cde3357"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6432843debe1ec7d76c5b2f76c67f9c5df22436e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6478eabc92274efae6269da7c515ba2b4c8e88d8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6f4e543d277a12dfeff027e6ab24a170e1bfc160"},{"type":"WEB","url":"https://git.kernel.org/stable/c/965bad2bf1afef64ec16249da676dc7310cca32e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cbaebbba722cb9738c55903efce11f51cdd97bee"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d6a95db3c7ad160bc16b89e36449705309b52bcb"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54177.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54177"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"9f985cb6c45bc3f8b7e161c9658d409d051d576f"},{"fixed":"6478eabc92274efae6269da7c515ba2b4c8e88d8"},{"fixed":"965bad2bf1afef64ec16249da676dc7310cca32e"},{"fixed":"3f378783c47b5749317ea008d8c931d6d3986d8f"},{"fixed":"cbaebbba722cb9738c55903efce11f51cdd97bee"},{"fixed":"579d814de87c3cac69c9b261efa165d07cde3357"},{"fixed":"6432843debe1ec7d76c5b2f76c67f9c5df22436e"},{"fixed":"6f4e543d277a12dfeff027e6ab24a170e1bfc160"},{"fixed":"d6a95db3c7ad160bc16b89e36449705309b52bcb"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"b5258061a2a8f657aa5900dd3c1ded9e868e3544"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54177.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.15.0"},{"fixed":"4.14.324"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.293"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.255"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.192"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.123"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.42"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.4.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54177.json"}}],"schema_version":"1.7.5"}