CVE-2023-54068 | f2fs: compress: fix to call f2fs_wait_on_page_writeback() in f2fs_write_raw_pages()

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to call f2fs_wait_on_page_writeback() in f2fs_write_raw_pages() BUG_ON() will be triggered when writing files concurrently, because the same page is writtenback multiple times. 1597 void folio_end_writeback(struct folio *folio) 1598 { ...... 1618 if (!__folio_end_writeback(folio)) 1619 BUG(); ...... 1625 } kernel BUG at mm/filemap.c:1619! Call Trace: <TASK> f2fs_write_end_io+0x1a0/0x370 blk_update_request+0x6c/0x410 blk_mq_end_request+0x15/0x130 blk_complete_reqs+0x3c/0x50 __do_softirq+0xb8/0x29b ? sort_range+0x20/0x20 run_ksoftirqd+0x19/0x20 smpboot_thread_fn+0x10b/0x1d0 kthread+0xde/0x110 ? kthread_complete_and_exit+0x20/0x20 ret_from_fork+0x22/0x30 </TASK> Below is the concurrency scenario: [Process A] [Process B] [Process C] f2fs_write_raw_pages() - redirty_page_for_writepage() - unlock page() f2fs_do_write_data_page() - lock_page() - clear_page_dirty_for_io() - set_page_writeback() [1st writeback] ..... - unlock page() generic_perform_write() - f2fs_write_begin() - wait_for_stable_page() - f2fs_write_end() - set_page_dirty() - lock_page() - f2fs_do_write_data_page() - set_page_writeback() [2st writeback] This problem was introduced by the previous commit 7377e853967b ("f2fs: compress: fix potential deadlock of compress file"). All pagelocks were released in f2fs_write_raw_pages(), but whether the page was in the writeback state was ignored in the subsequent writing process. Let's fix it by waiting for the page to writeback before writing.

公開: 2025-12-24 最終更新: 2026-06-17 Assigner: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 ソース: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

総合評価: CVE-2023-54068 は低リスク(7/100)。悪用される可能性が高い(EPSS 0.17%、7 パーセンタイル) 推奨対応: 総合リスクは低く緊急対応は不要です。通常の保守サイクルでパッチを適用し、CVSS / EPSS が上昇したら優先度を見直してください。

リスクは変動します。再評価に基づき、本ページの表示内容を更新しています。

CVE-2023-54068 の EPSS(Exploit Prediction Scoring System)スコア

EPSS は日次で悪用されやすさの相対度合いを推定します。パーセンタイルは採点済み CVE の中での相対位置(高いほど相対的に深刻)を示します。

# 日付 旧 EPSS スコア 新 EPSS スコア Δ(新 − 旧)
1 2026-06-15 0.02% 0.17% +0.15%
2 2025-12-25 0.02%

EPSS の全履歴 (全 2 件)

CVE-2023-54068 の CVSS(Common Vulnerability Scoring System)指標

この CVE の CVSS 指標。

この CVE のデータセットに CVSS はありません。

CVE-2023-54068 の弱点分類(列挙)

CVE-2023-54068 の OS トラッカー

vendor priority summary link
debian not yet assigned CVE-2023-54068 not yet assigned priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2023-54068
redhat https://access.redhat.com/security/cve/CVE-2023-54068
suse medium CVE-2023-54068 severity moderate: SUSE including 26 source package names (cluster-md-kmp-default, dlm-kmp-default, …), 205 product×package rows across 42 product lines (SLES-LTSS-TERADATA 15 SP2, SUSE Linux Enterprise High Availability Extension 15 SP3, … (42 product lines)): Known Not Affected 205. https://www.suse.com/security/cve/CVE-2023-54068/
ubuntu medium CVE-2023-54068 medium priority: Ubuntu including 157 source packages (linux, linux-allwinner-5.19, …), 1405 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1010, ignored 173, released 111, not-affected 110, needs-triage 1. https://ubuntu.com/security/CVE-2023-54068

CVE-2023-54068 の影響を受けるソフトウェア/構成

ベンダー 製品 バージョン 生の CPE
linux linux_kernel >= 5.6, < 5.10.180 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.6, < 5.15.111 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.6, < 6.1.28 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.6, < 6.2.15 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.6, < 6.3.2 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linux linux_kernel >= 5.6, < 6.4 cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CVE-2023-54068 の参考情報

cvelogic Threat Intelligence