{"id":"CVE-2023-53214","summary":"f2fs: fix to avoid potential memory corruption in __update_iostat_latency()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid potential memory corruption in __update_iostat_latency()\n\nAdd iotype sanity check to avoid potential memory corruption.\nThis is to fix the compile error below:\n\nfs/f2fs/iostat.c:231 __update_iostat_latency() error: buffer overflow\n'io_lat-\u003epeak_lat[type]' 3 \u003c= 3\n\nvim +228 fs/f2fs/iostat.c\n\n  211  static inline void __update_iostat_latency(struct bio_iostat_ctx\n\t*iostat_ctx,\n  212\t\t\t\t\tenum iostat_lat_type type)\n  213  {\n  214\t\tunsigned long ts_diff;\n  215\t\tunsigned int page_type = iostat_ctx-\u003etype;\n  216\t\tstruct f2fs_sb_info *sbi = iostat_ctx-\u003esbi;\n  217\t\tstruct iostat_lat_info *io_lat = sbi-\u003eiostat_io_lat;\n  218\t\tunsigned long flags;\n  219\n  220\t\tif (!sbi-\u003eiostat_enable)\n  221\t\t\treturn;\n  222\n  223\t\tts_diff = jiffies - iostat_ctx-\u003esubmit_ts;\n  224\t\tif (page_type \u003e= META_FLUSH)\n                                 ^^^^^^^^^^\n\n  225\t\t\tpage_type = META;\n  226\n  227\t\tspin_lock_irqsave(&sbi-\u003eiostat_lat_lock, flags);\n @228\t\tio_lat-\u003esum_lat[type][page_type] += ts_diff;\n                                      ^^^^^^^^^\nMixup between META_FLUSH and NR_PAGE_TYPE leads to memory corruption.","modified":"2026-04-02T09:43:47.956776Z","published":"2025-09-15T14:21:42.331Z","database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53214.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/0dbbf0fb38d5ec5d4138d1aeaeb43d9217b9a592"},{"type":"WEB","url":"https://git.kernel.org/stable/c/20b4f3de0f3932f71b4a8daf0671e517a8d98022"},{"type":"WEB","url":"https://git.kernel.org/stable/c/22ddbbff116ee7dce5431feb1c0f36a507d2d68d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/aa4d726af72a21732ce120484e0b1240674a13b3"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53214.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53214"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"a4b6817625e71d5d4aee16cacf7a7fec077c6dbe"},{"fixed":"aa4d726af72a21732ce120484e0b1240674a13b3"},{"fixed":"22ddbbff116ee7dce5431feb1c0f36a507d2d68d"},{"fixed":"20b4f3de0f3932f71b4a8daf0671e517a8d98022"},{"fixed":"0dbbf0fb38d5ec5d4138d1aeaeb43d9217b9a592"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53214.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}