CVE-2023-54311
In the Linux kernel, the following vulnerability has been resolved:

ext4: fix deadlock when converting an inline directory in nojournal mode

In no journal mode, ext4_finish_convert_inline_dir() can self-deadlock by calling ext4_handle_dirty_dirblock() when it already has taken the directory lock. There is a similar self-deadlock in ext4_convert_inline_data_nolock() for data files which we'll fix at the same time.

A simple reproducer demonstrating the problem:

    mke2fs -Fq -t ext2 -O inline_data -b 4k /dev/vdc 64
    mount -t ext4 -o dirsync /dev/vdc /vdc
    cd /vdc
    mkdir file0
    cd file0
    touch file0
    touch file1
    attr -s BurnSpaceInEA -V abcde .
    touch supercalifragilisticexpialidocious
Affected versions
Linux kernel versions 3.8 and later are affected. Fixed in 5.4.243, 5.10.180, 5.15.112, 6.1.29, 6.2.16, 6.3.3, 6.4 and their respective stable series.
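An exposure check for the version list above, added here as an example and not taken from the advisory or the kernel project: kernel_status compares an upstream version string with the fixed releases listed on this page, and fs_exposed tests a dumpe2fs -h feature list for the reproducer's setup. Both function names are hypothetical, and the check assumes that nojournal mode means the has_journal feature is absent.

```shell
#!/bin/sh
# Added example: exposure triage for CVE-2023-54311, not code from the advisory.
# Fix versions come from the "Affected versions" list on this page. Distribution
# kernels may carry the fix under an older version string, so read "affected"
# as "check the vendor changelog".

# kernel_status VERSION -> prints not-affected | fixed | affected
kernel_status() {
    ver=${1%%[-+]*}                          # drop suffix such as -generic
    major=${ver%%.*}; rest=${ver#*.}
    minor=${rest%%.*}; patch=0
    case $rest in *.*) patch=${rest#*.}; patch=${patch%%.*} ;; esac
    major=${major%%[!0-9]*}; minor=${minor%%[!0-9]*}; patch=${patch%%[!0-9]*}
    major=${major:-0}; minor=${minor:-0}; patch=${patch:-0}

    if [ "$major" -lt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -lt 8 ]; }; then
        echo not-affected; return 0
    fi
    if [ "$major" -gt 6 ] || { [ "$major" -eq 6 ] && [ "$minor" -ge 4 ]; }; then
        echo fixed; return 0
    fi
    case "$major.$minor" in                  # first fixed release per stable branch
        5.4) fix=243 ;; 5.10) fix=180 ;; 5.15) fix=112 ;;
        6.1) fix=29 ;;  6.2) fix=16 ;;   6.3) fix=3 ;;
        *) echo affected; return 0 ;;        # branch with no fix listed on the page
    esac
    if [ "$patch" -ge "$fix" ]; then echo fixed; else echo affected; fi
}

# fs_exposed "FEATURES" -> exit 0 when the volume matches the reproducer's setup:
# inline_data enabled and no journal. FEATURES is the text after
# "Filesystem features:" in `dumpe2fs -h` output.
fs_exposed() {
    case " $1 " in *" inline_data "*) ;; *) return 1 ;; esac
    case " $1 " in *" has_journal "*) return 1 ;; esac
    return 0
}

# Report for the running kernel (or a version passed as the first argument).
echo "kernel ${1:-$(uname -r)}: $(kernel_status "${1:-$(uname -r)}")"
```

A kernel reported as affected only deadlocks on volumes for which fs_exposed succeeds, so the two checks are meant to be read together.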
References
The following references provide additional information about CVE-2023-54311 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.
- Patch (kernel patch commit): https://git.kernel.org/stable/c/0b1c4357bb21d9770451a1bdb8d419ea10bada88
- Patch (kernel patch commit): https://git.kernel.org/stable/c/5f8b55136ad787aed2c184f7cb3e93772ae637a3
- Patch (kernel patch commit): https://git.kernel.org/stable/c/640c8c365999c6f23447ac766437236ad88317c5
Frequently asked questions
- What is CVE-2023-54311?
  CVE-2023-54311 is a Linux kernel vulnerability with no severity score assigned. It affects Linux kernel versions from 3.8 onward and has been patched in 5.4.243, 5.10.180, 5.15.112 and others. CVE-2023-54311 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
- Is there a patch available for CVE-2023-54311?
  Yes. CVE-2023-54311 has been patched. Fixed versions include 5.4.243, 5.10.180, 5.15.112 and others. If you are running Linux kernel 3.8 or later up to the fix versions, apply the relevant patch for your kernel branch.
- Is CVE-2023-54311 actively exploited?
  No. CVE-2023-54311 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.