CVE-2023-52852

2024-05-2100:00:00

ubuntu.com

linux kernel

vulnerability

cve-2023-52852

f2fs

read_multi_pages

use-after-free

dic

f2fs_decompress_cluster

cached page

compress_inode

invalid pointer

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved: f2fs:
compress: fix to avoid use-after-free on dic Call trace:
__memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c
f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110
page_cache_ra_unbounded+0x1b8/0x590 do_sync_mmap_readahead+0x1dc/0x2e4
filemap_fault+0x254/0xa8c f2fs_filemap_fault+0x2c/0x104
__do_fault+0x7c/0x238 do_handle_mm_fault+0x11bc/0x2d14
do_mem_abort+0x3a8/0x1004 el0_da+0x3c/0xa0 el0t_64_sync_handler+0xc4/0xec
el0t_64_sync+0x1b4/0x1b8 In f2fs_read_multi_pages(), once
f2fs_decompress_cluster() was called if we hit cached page in
compress_inode’s cache, dic may be released, it needs break the loop rather
than continuing it, in order to avoid accessing invalid dic pointer.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchlinux< anyUNKNOWN
ubuntu23.10noarchlinux< anyUNKNOWN
ubuntu22.04noarchlinux-aws< anyUNKNOWN
ubuntu23.10noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws-5.15< anyUNKNOWN
ubuntu22.04noarchlinux-aws-6.5< anyUNKNOWN
ubuntu22.04noarchlinux-azure< anyUNKNOWN
ubuntu23.10noarchlinux-azure< anyUNKNOWN
ubuntu20.04noarchlinux-azure-5.15< anyUNKNOWN
ubuntu22.04noarchlinux-azure-6.5< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	22.04	noarch	linux	< any	UNKNOWN
ubuntu	23.10	noarch	linux	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	23.10	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws-5.15	< any	UNKNOWN
ubuntu	22.04	noarch	linux-aws-6.5	< any	UNKNOWN
ubuntu	22.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	23.10	noarch	linux-azure	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure-5.15	< any	UNKNOWN
ubuntu	22.04	noarch	linux-azure-6.5	< any	UNKNOWN