{"id":"CVE-2023-52622","summary":"ext4: avoid online resizing failures due to oversized flex bg","details":"In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n     mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n     mount $dev $dir\n     resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G  E  6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \u003cTASK\u003e\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE \u003c\u003c MAX_ORDER) / sizeof(struct ext4_new_group_data) ≈ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.","modified":"2026-04-02T09:43:09.705344Z","published":"2024-03-26T17:19:23.838Z","related":["ALSA-2024:5101","ALSA-2024:5102","SUSE-SU-2024:2360-1","SUSE-SU-2024:2372-1","SUSE-SU-2024:2381-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2561-1","SUSE-SU-2024:2571-1","SUSE-SU-2024:2896-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1","USN-6818-2","USN-6819-2"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52622.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/5d1935ac02ca5aee364a449a35e2977ea84509b0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6d2cbf517dcabc093159cf138ad5712c9c7fa954"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b1413dbfe49646eda2c00c0f1144ee9d3368e0c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b183fe8702e78bba3dcef8e7193cab6898abee07"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cd1f93ca97a9136989f3bd2bf90696732a2ed644"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cfbbb3199e71b63fc26cee0ebff327c47128a1e8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d76c8d7ffe163c6bf2f1ef680b0539c2b3902b90"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dc3e0f55bec4410f3d74352c4a7c79f518088ee2"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52622.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52622"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"28c7bac0091687e6116ebd6c179e154ae4053c90"},{"fixed":"cd1f93ca97a9136989f3bd2bf90696732a2ed644"},{"fixed":"b183fe8702e78bba3dcef8e7193cab6898abee07"},{"fixed":"cfbbb3199e71b63fc26cee0ebff327c47128a1e8"},{"fixed":"d76c8d7ffe163c6bf2f1ef680b0539c2b3902b90"},{"fixed":"6d2cbf517dcabc093159cf138ad5712c9c7fa954"},{"fixed":"8b1413dbfe49646eda2c00c0f1144ee9d3368e0c"},{"fixed":"dc3e0f55bec4410f3d74352c4a7c79f518088ee2"},{"fixed":"5d1935ac02ca5aee364a449a35e2977ea84509b0"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52622.json"}}],"schema_version":"1.7.5"}