PatchSiren

PatchSiren cyber security CVE debrief

CVE-2023-52458 Linux CVE debrief

CVE-2023-52458 is a Linux kernel block-layer bug in partition handling. When a partition was added or resized, the kernel did not check that its length was aligned to the disk's logical block size. On devices whose logical block size is larger than 512 bytes, a partition can therefore end up with a length that is not a whole number of logical blocks; a read of the final block is then truncated below the block size and fails with an I/O error. If integrity data is enabled, the same condition can also lead to a NULL pointer dereference. NVD rates the issue CVSS 5.5 (MEDIUM): local, low-privilege access, no user interaction, and a high availability impact with no confidentiality or integrity impact.

Vendor: Linux
Product: Linux kernel
CVSS: 5.5 MEDIUM
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-23
Original CVE updated: 2026-05-12
Advisory published: 2024-02-23
Advisory updated: 2026-05-12

Who should care

Linux kernel maintainers, distro and fleet administrators, and operators of systems that use storage devices with logical block sizes larger than 512 bytes (4Kn NVMe and SAS drives are the common case). Devices with a 512-byte logical block size are not affected, because partition boundaries are expressed in 512-byte sectors and are therefore always aligned to it. Systems that also use integrity data are especially relevant, because the supplied description notes a NULL pointer dereference path in that configuration.

Technical summary

The supplied CVE description says the kernel did not check whether a partition length was aligned with the logical block size before adding or resizing the partition. On disks whose logical block size exceeds 512 bytes, a partition can therefore end up with a length that is not a multiple of that block size. A read of the last logical block then runs past the end of the partition; bio_truncate() trims the bio to the bytes that remain, which is fewer than one logical block, so the read fails with an I/O error. If integrity data is supported, the same truncated bio can also trigger a NULL pointer dereference in bio_integrity_free(). NVD lists CWE-476 (NULL pointer dereference) and CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H.

Defensive priority

Medium. The score is moderate and the impact is availability only, but the affected code sits in kernel storage paths that every workload depends on. Prioritize if you run affected Linux kernel branches on devices with logical block sizes above 512 bytes or use integrity data. Creating or resizing a partition is normally a privileged operation, so the practical trigger is administrative tooling or a partitioning mistake rather than an unprivileged local user; that lowers urgency but does not remove the risk of an outage on a misaligned volume.

Recommended defensive actions

  • Upgrade to a kernel that includes the fix: stable releases 5.10.215, 5.15.148, 6.1.75, 6.6.14 and 6.7.2 or later on their respective branches. 6.8 and newer mainline kernels fall outside the affected ranges in the supplied NVD data.
  • Use the NVD version ranges to confirm exposure: affected versions are those before 5.10.215, 5.15.148, 6.1.75, 6.6.14 and 6.7.2 on each branch. uname -r reports the running version; distro kernels may carry the backport under a different version string, so check the distro advisory rather than the number alone.
  • Review systems that use storage devices with logical block sizes larger than 512 bytes (cat /sys/block/<disk>/queue/logical_block_size), especially where partitions are added or resized by automation.
  • If immediate patching is not possible, keep partition starts and lengths at whole multiples of the logical block size; on a 4096-byte device that means sizes expressed in 512-byte sectors must be multiples of 8.
  • After patching, validate storage and integrity-enabled workloads on representative systems, including a read of the last block of each partition.
  • Track downstream distro advisories and backports for your deployed kernel line.
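The following script is an added example written for this debrief; it is not code from the PatchSiren page or from the Linux kernel. It models the alignment rule described in the technical summary (a start-only check standing in for unpatched kernels, and the combined start-and-length check the fix introduces) and then walks sysfs to flag partitions that are not aligned to their disk's logical block size, which is the review step in the actions above. It assumes the standard sysfs layout (/sys/block/<disk>/queue/logical_block_size in bytes, /sys/block/<disk>/<part>/start and size in 512-byte sectors) and POSIX sh arithmetic; the demo values are constructed, not taken from a real system.

```shell
#!/bin/sh
# Added example for the PatchSiren debrief: not code from the page or from the
# Linux kernel. Models the alignment rule behind CVE-2023-52458 and audits
# existing partitions for it. Assumes the standard sysfs layout:
#   /sys/block/<disk>/queue/logical_block_size   (bytes)
#   /sys/block/<disk>/<part>/start and /size     (512-byte sectors)

SECTOR=512

# Model of the ioctl-level check. Arguments: LBS START_BYTES LENGTH_BYTES
# (the blkpg ioctl carries start and length in bytes). Exit 0 = accept,
# 1 = reject with EINVAL.
# check_prefix models the start-only check the CVE description implies for
# unpatched kernels (assumption: length was simply not examined).
# check_fixed requires both start and length to be multiples of the logical
# block size; OR-ing them works because the block size is a power of two.
check_prefix() { [ $(( $2 % $1 )) -eq 0 ]; }
check_fixed()  { [ $(( ($2 | $3) % $1 )) -eq 0 ]; }

# part_alignment LBS START_SECTORS SIZE_SECTORS
# Prints "aligned" or "misaligned start_rem=<bytes> len_rem=<bytes>" and
# returns 0 / 1. len_rem is the part of the final logical block that lies
# inside the partition: on an unpatched kernel a read of that block is
# truncated to len_rem bytes, below LBS, and fails with an I/O error.
part_alignment() {
    pa_srem=$(( ($2 * SECTOR) % $1 ))
    pa_lrem=$(( ($3 * SECTOR) % $1 ))
    if [ "$pa_srem" -eq 0 ] && [ "$pa_lrem" -eq 0 ]; then
        echo aligned
        return 0
    fi
    echo "misaligned start_rem=$pa_srem len_rem=$pa_lrem"
    return 1
}

# Walk sysfs and report every partition whose start or length is not a
# multiple of its disk's logical block size. Returns 1 if any were found.
audit_sysfs() {
    as_bad=0
    for as_q in /sys/block/*/queue/logical_block_size; do
        [ -r "$as_q" ] || continue
        as_disk=${as_q%/queue/logical_block_size}
        read -r as_lbs < "$as_q" || continue
        # Partition directories are named after the disk: sda/sda1, nvme0n1/nvme0n1p1
        for as_p in "$as_disk"/"${as_disk##*/}"*; do
            [ -r "$as_p/start" ] && [ -r "$as_p/size" ] || continue
            read -r as_start < "$as_p/start"
            read -r as_size < "$as_p/size"
            as_res=$(part_alignment "$as_lbs" "$as_start" "$as_size") || as_bad=$((as_bad + 1))
            echo "${as_p##*/} lbs=$as_lbs start=$as_start size=$as_size: $as_res"
        done
    done
    echo "misaligned partitions: $as_bad"
    [ "$as_bad" -eq 0 ]
}

# Constructed sample values (not from a real system): a 4096-byte-sector disk
# with a 1 MiB partition, the same partition one 512-byte sector longer, and
# that longer partition on a 512-byte-sector disk, which cannot misalign.
demo() {
    echo "lbs=4096 start=2048 size=2048 -> $(part_alignment 4096 2048 2048)"
    echo "lbs=4096 start=2048 size=2049 -> $(part_alignment 4096 2048 2049)"
    echo "lbs=512  start=2048 size=2049 -> $(part_alignment 512 2048 2049)"
}

demo
audit_sysfs || echo "leave the partitions flagged above untouched until the kernel is patched"
```

Any user who can read sysfs can run it; audit_sysfs returns 1 when it finds a misaligned partition, so it can gate automation that adds or resizes partitions. blockdev --getss /dev/<disk> reports the same logical block size for a one-off check. A partition reported as misaligned is the one to leave alone (no resize, no delete-and-re-add) on an unpatched kernel.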

Evidence notes

The CVE was published in the supplied corpus on 2024-02-23 and last modified on 2026-05-12. The supplied NVD data lists CVSS 5.5 / AV:L / AC:L / PR:L / UI:N / S:U / C:N / I:N / A:H and CWE-476. NVD references include multiple kernel.org stable patch links and downstream notices. The affected version criteria in the supplied corpus are: before 5.10.215; 5.11.0 through 5.15.147; 5.16.0 through 6.1.74; 6.2.0 through 6.6.13; and 6.7.0 through 6.7.1.

Official resources

Publicly disclosed in the supplied CVE record on 2024-02-23; NVD last modified the record on 2026-05-12. The supplied references point to kernel.org stable patches and downstream advisory notices.