CVE-2023-53860 in Linuxinformação

Sumário

de VulDB • 27/05/2026

The crash occurs in `blkdev_direct_IO.part.0` during a direct I/O read operation on a block device. The key clues are:

1. **Call Chain**: - `__x64_sys_preadv2` → `do_preadv` → `vfs_readv` → `do_iter_read` → `blkdev_read_iter` → `blkdev_direct_IO.part.0` - This is a **direct I/O read** (`preadv2` syscall) on a block device.

2. **RIP**: `0x7f5af41ad806` is in user space (likely the application calling `preadv2`). The kernel crash happened in the kernel thread handling this syscall.

3. **RAX**: `0xffffffffffffffda` = **-22** = `-EINVAL` (Invalid argument). This suggests the kernel returned an error, but the crash happened *before* returning, likely during I/O submission or completion.

4. **Key Functions**: - `blkdev_direct_IO.part.0`: Handles direct I/O for block devices. - `blkdev_read_iter`: Iterates over I/O vectors for block device reads. - `do_iter_read`: Generic iteration for read operations.

### Likely Causes: - **Invalid I/O parameters**: Misaligned buffer, invalid length, or unsupported flags in `preadv2`. - **Block device issues**: The block device may not support direct I/O, or there’s a mismatch in sector alignment. - **Kernel bug**: A race condition or null pointer dereference in `blkdev_direct_IO`.

### Debugging Steps: 1. **Check dmesg** for additional error messages (e.g., `blk_update_request: I/O error`). 2. **Verify I/O alignment**: Direct I/O requires buffers aligned to the block device’s sector size (usually 512B or 4K). 3. **Test with `O_DIRECT` flag**: Ensure the application uses `O_DIRECT` correctly. 4. **Update kernel**: This may be a known bug fixed in newer kernels.

### Example Fix: If the application is using `preadv2`, ensure: - Buffers are aligned to the block device’s sector size. - Lengths are multiples of the sector size. - The block device supports direct I/O (check with `blockdev --getss /dev/sdX`).

If the issue persists, consider filing a bug report with the kernel developers, including: - Kernel version (`uname -r`). - Block device details (`lsblk`, `blockdev --report`). - Application code snippet performing the I/O.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsável

Linux

Reservar

09/12/2025

Divulgação

09/12/2025

Moderação

aceite

Entrada

VDB-335119

CPE

pronto

EPSS

0.00197

KEV

não

Atividades

muito baixo

Fontes

Want to stay up to date on a daily basis?

Enable the mail alert feature now!