In the Linux kernel, the following vulnerability has been resolved:
fs/ntfs3: Fix an NULL dereference bug The issue here is when this is called
from ntfs_load_attr_list(). The “size” comes from
le32_to_cpu(attr->res.data_size) so it can’t overflow on a 64bit systems
but on 32bit systems the “+ 1023” can overflow and the result is zero. This
means that the kmalloc will succeed by returning the ZERO_SIZE_PTR and then
the memcpy() will crash with an Oops on the next line.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | linux | < 5.15.0-106.116 | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < 6.5.0-44.44 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1061.67 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1061.67~20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < 6.5.0-1023.23~22.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < 5.15.0-1063.72 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure-5.15 | < 5.15.0-1063.72~20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < 6.5.0-1024.25~22.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-fde | < 5.15.0-1063.72.1 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure-fde-5.15 | < 5.15.0-1063.72~20.04.1.1 | UNKNOWN |
git.kernel.org/linus/b2dd7b953c25ffd5912dda17e980e7168bebcf6c (6.8-rc4)
git.kernel.org/stable/c/686820fe141ea0220fc6fdfc7e5694f915cf64b2
git.kernel.org/stable/c/ae4acad41b0f93f1c26cc0fc9135bb79d8282d0b
git.kernel.org/stable/c/b2dd7b953c25ffd5912dda17e980e7168bebcf6c
git.kernel.org/stable/c/ec1bedd797588fe38fc11cba26d77bb1d9b194c6
git.kernel.org/stable/c/fb7bcd1722bc9bc55160378f5f99c01198fd14a7
launchpad.net/bugs/cve/CVE-2023-52631
nvd.nist.gov/vuln/detail/CVE-2023-52631
security-tracker.debian.org/tracker/CVE-2023-52631
ubuntu.com/security/notices/USN-6766-1
ubuntu.com/security/notices/USN-6766-2
ubuntu.com/security/notices/USN-6766-3
ubuntu.com/security/notices/USN-6795-1
ubuntu.com/security/notices/USN-6828-1
ubuntu.com/security/notices/USN-6895-1
ubuntu.com/security/notices/USN-6895-2
ubuntu.com/security/notices/USN-6895-3
ubuntu.com/security/notices/USN-6900-1
www.cve.org/CVERecord?id=CVE-2023-52631