CVE-2023-53860 in Linux
Sumário
de VulDB • 27/05/2026
The crash occurs in `blkdev_direct_IO.part.0` during a direct I/O read operation on a block device. The key clues are:
1. **Call Chain**: - `__x64_sys_preadv2` → `do_preadv` → `vfs_readv` → `do_iter_read` → `blkdev_read_iter` → `blkdev_direct_IO.part.0` - This is a **direct I/O read** (`preadv2` syscall) on a block device.
2. **RIP**: `0x7f5af41ad806` is in user space (likely the application calling `preadv2`). The kernel crash happened in the kernel thread handling this syscall.
3. **RAX**: `0xffffffffffffffda` = **-22** = `-EINVAL` (Invalid argument). This suggests the kernel returned an error, but the crash happened *before* returning, likely during I/O submission or completion.
4. **Key Functions**: - `blkdev_direct_IO.part.0`: Handles direct I/O for block devices. - `blkdev_read_iter`: Iterates over I/O vectors for block device reads. - `do_iter_read`: Generic iteration for read operations.
### Likely Causes: - **Invalid I/O parameters**: Misaligned buffer, invalid length, or unsupported flags in `preadv2`. - **Block device issues**: The block device may not support direct I/O, or there’s a mismatch in sector alignment. - **Kernel bug**: A race condition or null pointer dereference in `blkdev_direct_IO`.
### Debugging Steps: 1. **Check dmesg** for additional error messages (e.g., `blk_update_request: I/O error`). 2. **Verify I/O alignment**: Direct I/O requires buffers aligned to the block device’s sector size (usually 512B or 4K). 3. **Test with `O_DIRECT` flag**: Ensure the application uses `O_DIRECT` correctly. 4. **Update kernel**: This may be a known bug fixed in newer kernels.
### Example Fix: If the application is using `preadv2`, ensure: - Buffers are aligned to the block device’s sector size. - Lengths are multiples of the sector size. - The block device supports direct I/O (check with `blockdev --getss /dev/sdX`).
If the issue persists, consider filing a bug report with the kernel developers, including: - Kernel version (`uname -r`). - Block device details (`lsblk`, `blockdev --report`). - Application code snippet performing the I/O.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.