1. Home
  2. Vulnerabilities
  3. CVE-2023-54124
0.0
NA
CVE-2023-54124
f2fs: fix to drop all dirty pages during umount() if cp_error is set
Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount() if cp_error is set xfstest generic/361 reports a bug as below: f2fs_bug_on(sbi, sbi->fsync_node_num); kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fs_put_super+0x3a8/0x3b0 Call Trace: generic_shutdown_super+0x8c/0x1b0 kill_block_super+0x2b/0x60 kill_f2fs_super+0x87/0x110 deactivate_locked_super+0x39/0x80 deactivate_super+0x46/0x50 cleanup_mnt+0x109/0x170 __cleanup_mnt+0x16/0x20 task_work_run+0x65/0xa0 exit_to_user_mode_prepare+0x175/0x190 syscall_exit_to_user_mode+0x25/0x50 do_syscall_64+0x4c/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc During umount(), if cp_error is set, f2fs_wait_on_all_pages() should not stop waiting all F2FS_WB_CP_DATA pages to be writebacked, otherwise, fsync_node_num can be non-zero after f2fs_wait_on_all_pages() causing this bug. In this case, to avoid deadloop in f2fs_wait_on_all_pages(), it needs to drop all dirty pages rather than redirtying them.

INFO

Published Date :

Dec. 24, 2025, 1:16 p.m.

Last Modified :

Dec. 24, 2025, 1:16 p.m.

Remotely Exploit :

No

Source :

416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Products

The following products are affected by CVE-2023-54124 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

No affected product recoded yet

: Total Affected Vendor : 0 | Products : 0
Solution
Resolve a bug during unmount when cp_error is set by dropping dirty pages.
  • Apply the Linux kernel patch.
  • Update the kernel to the fixed version.
  • Reboot the system after patching.
  • Test the unmount operation.
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-54124.

URL Resource
https://git.kernel.org/stable/c/4ceedc2f8bdffb82e40b7d1bb912304f8e157cb1
https://git.kernel.org/stable/c/7741ddc882a0c806a6508ba8203c55a779db7a21
https://git.kernel.org/stable/c/82c3d6e9db41cbd3af1d4f90bdb441740b5fad10
https://git.kernel.org/stable/c/92575f05a32dafb16348bfa5e62478118a9be069
https://git.kernel.org/stable/c/ad87bd313f70b51e48019d5ce2d02d73152356b3
https://git.kernel.org/stable/c/c9b3649a934d131151111354bcbb638076f03a30
https://git.kernel.org/stable/c/d8f4ad5f3979dbd8e6251259562f12472717883a
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-54124 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-54124 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-54124 vulnerability anywhere in the article.

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2023-54124 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67

    Dec. 24, 2025

    Action Type Old Value New Value
    Added Description In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop all dirty pages during umount() if cp_error is set xfstest generic/361 reports a bug as below: f2fs_bug_on(sbi, sbi->fsync_node_num); kernel BUG at fs/f2fs/super.c:1627! RIP: 0010:f2fs_put_super+0x3a8/0x3b0 Call Trace: generic_shutdown_super+0x8c/0x1b0 kill_block_super+0x2b/0x60 kill_f2fs_super+0x87/0x110 deactivate_locked_super+0x39/0x80 deactivate_super+0x46/0x50 cleanup_mnt+0x109/0x170 __cleanup_mnt+0x16/0x20 task_work_run+0x65/0xa0 exit_to_user_mode_prepare+0x175/0x190 syscall_exit_to_user_mode+0x25/0x50 do_syscall_64+0x4c/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc During umount(), if cp_error is set, f2fs_wait_on_all_pages() should not stop waiting all F2FS_WB_CP_DATA pages to be writebacked, otherwise, fsync_node_num can be non-zero after f2fs_wait_on_all_pages() causing this bug. In this case, to avoid deadloop in f2fs_wait_on_all_pages(), it needs to drop all dirty pages rather than redirtying them.
    Added Reference https://git.kernel.org/stable/c/4ceedc2f8bdffb82e40b7d1bb912304f8e157cb1
    Added Reference https://git.kernel.org/stable/c/7741ddc882a0c806a6508ba8203c55a779db7a21
    Added Reference https://git.kernel.org/stable/c/82c3d6e9db41cbd3af1d4f90bdb441740b5fad10
    Added Reference https://git.kernel.org/stable/c/92575f05a32dafb16348bfa5e62478118a9be069
    Added Reference https://git.kernel.org/stable/c/ad87bd313f70b51e48019d5ce2d02d73152356b3
    Added Reference https://git.kernel.org/stable/c/c9b3649a934d131151111354bcbb638076f03a30
    Added Reference https://git.kernel.org/stable/c/d8f4ad5f3979dbd8e6251259562f12472717883a
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
No CVSS metrics available for this vulnerability.