In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in md_bitmap_get_counter If we write a large number to md/bitmap_set_bits, md_bitmap_checkpage() will return -EINVAL because 'page >= bitmap->pages', but the return value was not checked immediately in md_bitmap_get_counter() in order to set *blocks value and slab-out-of-bounds occurs. Move check of 'page >= bitmap->pages' to md_bitmap_get_counter() and return directly if true.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Linux
  • Linux Kernel

No data.

No data.

References
Link Providers
https://git.kernel.org/stable/c/152bb26796ff054af50b2ee1b3ca56e364e4f61b cve-icon cve-icon
https://git.kernel.org/stable/c/301867b1c16805aebbc306aafa6ecdc68b73c7e5 cve-icon cve-icon
https://git.kernel.org/stable/c/374fb914304d9b500721007f3837ea8f1f9a2418 cve-icon cve-icon
https://git.kernel.org/stable/c/39fa14e824acfd470db4f42c354297456bd82b53 cve-icon cve-icon
https://git.kernel.org/stable/c/a134dd582c0d5b6068efa308bd485cf1d00b3f65 cve-icon cve-icon
https://git.kernel.org/stable/c/b0b971fe7d61411ede63c3291764dbde1577ef2c cve-icon cve-icon
https://git.kernel.org/stable/c/be1a3ec63a840cc9e59a033acf154f56255699a1 cve-icon cve-icon
https://git.kernel.org/stable/c/bea301c046110bf421a3ce153fb868cb8d618e90 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025091721-CVE-2023-53357-15aa@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53357 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53357 cve-icon
History

Thu, 18 Sep 2025 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Vendors & Products Linux
Linux linux Kernel

Thu, 18 Sep 2025 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 cvssV3_1

{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}

threat_severity

Important

Wed, 17 Sep 2025 15:00:00 +0000

Type Values Removed Values Added
Description In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in md_bitmap_get_counter If we write a large number to md/bitmap_set_bits, md_bitmap_checkpage() will return -EINVAL because 'page >= bitmap->pages', but the return value was not checked immediately in md_bitmap_get_counter() in order to set *blocks value and slab-out-of-bounds occurs. Move check of 'page >= bitmap->pages' to md_bitmap_get_counter() and return directly if true.
Title md/raid10: check slab-out-of-bounds in md_bitmap_get_counter
References
cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-17T14:56:47.171Z

Updated: 2025-09-17T14:56:47.171Z

Reserved: 2025-09-16T16:08:59.567Z

Link: CVE-2023-53357

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-09-17T15:15:39.763

Modified: 2025-09-18T13:43:34.310

Link: CVE-2023-53357

cve-icon Redhat

Severity : Important

Publid Date: 2025-09-17T00:00:00Z

Links: CVE-2023-53357 - Bugzilla