{"id":"CVE-2023-53722","summary":"md: raid1: fix potential OOB in raid1_remove_disk()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd: raid1: fix potential OOB in raid1_remove_disk()\n\nIf rddev-\u003eraid_disk is greater than mddev-\u003eraid_disks, there will be\nan out-of-bounds in raid1_remove_disk(). We have already found\nsimilar reports as follows:\n\n1) commit d17f744e883b (\"md-raid10: fix KASAN warning\")\n2) commit 1ebc2cec0b7d (\"dm raid: fix KASAN warning in raid5_remove_disk\")\n\nFix this bug by checking whether the \"number\" variable is\nvalid.","modified":"2026-04-02T09:44:58.941373Z","published":"2025-10-22T13:23:53.329Z","related":["SUSE-SU-2025:21040-1","SUSE-SU-2025:21052-1","SUSE-SU-2025:21056-1","SUSE-SU-2025:21064-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4111-1","SUSE-SU-2025:4128-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4135-1","SUSE-SU-2025:4139-1","SUSE-SU-2025:4140-1","SUSE-SU-2025:4141-1","SUSE-SU-2025:4149-1","SUSE-SU-2025:4188-1","SUSE-SU-2025:4189-1","SUSE-SU-2025:4301-1","SUSE-SU-2025:4315-1","SUSE-SU-2025:4320-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53722.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/25a68f2286be56fb3a6f9fa0e269c04b5e6c6e24"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4bdb92eaf645e312975357adc3c4e9523b6e67f1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4f7d853b4590fc20e90dd50e346c02811a8c5b08"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4f96c0665f9f4cf70130c9757750dc43dc679c82"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7993cfc041481a3a9cd4a3858088fc846b8ccaf7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8b0472b50bcf0f19a5119b00a53b63579c8e1e4d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/91fbd4e75cb573f44d2619a9dc2f9ba927040760"},{"type":"WEB","url":"https://git.kernel.org/stable/c/beedf40f73939f248c81802eda08a2a8148ea13e"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53722.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53722"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b8321b68d1445f308324517e45fb0a5c2b48e271"},{"fixed":"beedf40f73939f248c81802eda08a2a8148ea13e"},{"fixed":"91fbd4e75cb573f44d2619a9dc2f9ba927040760"},{"fixed":"25a68f2286be56fb3a6f9fa0e269c04b5e6c6e24"},{"fixed":"7993cfc041481a3a9cd4a3858088fc846b8ccaf7"},{"fixed":"4f96c0665f9f4cf70130c9757750dc43dc679c82"},{"fixed":"4f7d853b4590fc20e90dd50e346c02811a8c5b08"},{"fixed":"4bdb92eaf645e312975357adc3c4e9523b6e67f1"},{"fixed":"8b0472b50bcf0f19a5119b00a53b63579c8e1e4d"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53722.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"3.3.0"},{"fixed":"4.14.326"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.295"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.257"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.197"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.133"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.55"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.5.5"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53722.json"}}],"schema_version":"1.7.5"}