CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
5.1%
In the Linux kernel, the following vulnerability has been resolved: f2fs:
fix to avoid dirent corruption As Al reported in link[1]: f2fs_rename() …
if (old_dir != new_dir && !whiteout) f2fs_set_link(old_inode,
old_dir_entry, old_dir_page, new_dir); else f2fs_put_page(old_dir_page, 0);
You want correct inumber in the “…” link. And cross-directory rename does
move the source to new parent, even if you’d been asked to leave a whiteout
in the old place. [1]
https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/ With below
testcase, it may cause dirent corruption, due to it missed to call
f2fs_set_link() to update “…” link to new directory. - mkdir -p dir/foo -
renameat2 -w dir/foo bar [ASSERT] (__chk_dots_dentries:1421) –> Bad inode
number[0x4] for ‘…’, parent parent ino is [0x3] [FSCK] other corrupted
bugs [Fail]
Author | Note |
---|---|
rodrigo-zaiden | USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < 4.15.0-227.239 | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < 5.4.0-176.196 | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-102.112 | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < 6.5.0-41.41 | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < 4.15.0-1170.183 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < 5.4.0-1122.132 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1057.63 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1021.21 | UNKNOWN |
ubuntu | 14.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/stable/c/02160112e6d45c2610b049df6eb693d7a2e57b46
git.kernel.org/stable/c/2fb4867f4405aea8c0519d7d188207f232a57862
git.kernel.org/stable/c/53edb549565f55ccd0bdf43be3d66ce4c2d48b28
git.kernel.org/stable/c/5624a3c1b1ebc8991318e1cce2aa719542991024
git.kernel.org/stable/c/6f866885e147d33efc497f1095f35b2ee5ec7310
git.kernel.org/stable/c/d3c0b49aaa12a61d560528f5d605029ab57f0728
git.kernel.org/stable/c/f0145860c20be6bae6785c7a2249577674702ac7
git.kernel.org/stable/c/f100ba617d8be6c98a68f3744ef7617082975b77
launchpad.net/bugs/cve/CVE-2023-52444
nvd.nist.gov/vuln/detail/CVE-2023-52444
security-tracker.debian.org/tracker/CVE-2023-52444
ubuntu.com/security/notices/USN-6688-1
ubuntu.com/security/notices/USN-6725-1
ubuntu.com/security/notices/USN-6725-2
ubuntu.com/security/notices/USN-6726-1
ubuntu.com/security/notices/USN-6726-2
ubuntu.com/security/notices/USN-6726-3
ubuntu.com/security/notices/USN-6818-1
ubuntu.com/security/notices/USN-6818-2
ubuntu.com/security/notices/USN-6818-3
ubuntu.com/security/notices/USN-6818-4
ubuntu.com/security/notices/USN-6819-1
ubuntu.com/security/notices/USN-6819-2
ubuntu.com/security/notices/USN-6819-3
ubuntu.com/security/notices/USN-6819-4
ubuntu.com/security/notices/USN-6926-1
www.cve.org/CVERecord?id=CVE-2023-52444