CVE-2023-52852 (GCVE-0-2023-52852)

Vulnerability from cvelistv5 – Published: 2024-05-21 15:31 – Updated: 2026-05-23 15:27
VLAI
Title
f2fs: compress: fix to avoid use-after-free on dic
Summary
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to avoid use-after-free on dic Call trace: __memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110 page_cache_ra_unbounded+0x1b8/0x590 do_sync_mmap_readahead+0x1dc/0x2e4 filemap_fault+0x254/0xa8c f2fs_filemap_fault+0x2c/0x104 __do_fault+0x7c/0x238 do_handle_mm_fault+0x11bc/0x2d14 do_mem_abort+0x3a8/0x1004 el0_da+0x3c/0xa0 el0t_64_sync_handler+0xc4/0xec el0t_64_sync+0x1b4/0x1b8 In f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if we hit cached page in compress_inode's cache, dic may be released, it needs break the loop rather than continuing it, in order to avoid accessing invalid dic pointer.
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 6ce19aff0b8cd386860855185c6cd79337fc4d2b , < 8c4504cc0c64862740a6acb301e0cfa59580dbc5 (git)
Affected: 6ce19aff0b8cd386860855185c6cd79337fc4d2b , < 9375ea7f269093d7c884857ae1f47633a91f429c (git)
Affected: 6ce19aff0b8cd386860855185c6cd79337fc4d2b , < 932ddb5c29e884cc6fac20417ece72ba4a35c401 (git)
Affected: 6ce19aff0b8cd386860855185c6cd79337fc4d2b , < 9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2 (git)
Affected: 6ce19aff0b8cd386860855185c6cd79337fc4d2b , < b0327c84e91a0f4f0abced8cb83ec86a7083f086 (git)
Affected: a23706426da9b611be5beae0f3faa260fb453b4e (git)
Affected: 5.13.19 , < 5.14 (semver)
Create a notification for this product.
Linux Linux Affected: 5.14
Unaffected: 0 , < 5.14 (semver)
Unaffected: 5.15.139 , ≤ 5.15.* (semver)
Unaffected: 6.1.63 , ≤ 6.1.* (semver)
Unaffected: 6.5.12 , ≤ 6.5.* (semver)
Unaffected: 6.6.2 , ≤ 6.6.* (semver)
Unaffected: 6.7 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52852",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-29T17:16:38.626939Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:10.682Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.038Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/data.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8c4504cc0c64862740a6acb301e0cfa59580dbc5",
              "status": "affected",
              "version": "6ce19aff0b8cd386860855185c6cd79337fc4d2b",
              "versionType": "git"
            },
            {
              "lessThan": "9375ea7f269093d7c884857ae1f47633a91f429c",
              "status": "affected",
              "version": "6ce19aff0b8cd386860855185c6cd79337fc4d2b",
              "versionType": "git"
            },
            {
              "lessThan": "932ddb5c29e884cc6fac20417ece72ba4a35c401",
              "status": "affected",
              "version": "6ce19aff0b8cd386860855185c6cd79337fc4d2b",
              "versionType": "git"
            },
            {
              "lessThan": "9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2",
              "status": "affected",
              "version": "6ce19aff0b8cd386860855185c6cd79337fc4d2b",
              "versionType": "git"
            },
            {
              "lessThan": "b0327c84e91a0f4f0abced8cb83ec86a7083f086",
              "status": "affected",
              "version": "6ce19aff0b8cd386860855185c6cd79337fc4d2b",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "a23706426da9b611be5beae0f3faa260fb453b4e",
              "versionType": "git"
            },
            {
              "lessThan": "5.14",
              "status": "affected",
              "version": "5.13.19",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/f2fs/data.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.14"
            },
            {
              "lessThan": "5.14",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.139",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.63",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.139",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.63",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.12",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.2",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7",
                  "versionStartIncluding": "5.14",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.13.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to avoid use-after-free on dic\n\nCall trace:\n __memcpy+0x128/0x250\n f2fs_read_multi_pages+0x940/0xf7c\n f2fs_mpage_readpages+0x5a8/0x624\n f2fs_readahead+0x5c/0x110\n page_cache_ra_unbounded+0x1b8/0x590\n do_sync_mmap_readahead+0x1dc/0x2e4\n filemap_fault+0x254/0xa8c\n f2fs_filemap_fault+0x2c/0x104\n __do_fault+0x7c/0x238\n do_handle_mm_fault+0x11bc/0x2d14\n do_mem_abort+0x3a8/0x1004\n el0_da+0x3c/0xa0\n el0t_64_sync_handler+0xc4/0xec\n el0t_64_sync+0x1b4/0x1b8\n\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\nwe hit cached page in compress_inode\u0027s cache, dic may be released, it needs\nbreak the loop rather than continuing it, in order to avoid accessing\ninvalid dic pointer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T15:27:21.581Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5"
        },
        {
          "url": "https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c"
        },
        {
          "url": "https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401"
        },
        {
          "url": "https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2"
        },
        {
          "url": "https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086"
        }
      ],
      "title": "f2fs: compress: fix to avoid use-after-free on dic",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52852",
    "datePublished": "2024-05-21T15:31:47.889Z",
    "dateReserved": "2024-05-21T15:19:24.255Z",
    "dateUpdated": "2026-05-23T15:27:21.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-52852",
      "date": "2026-05-28",
      "epss": "0.00023",
      "percentile": "0.06876"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.13.19\", \"versionEndExcluding\": \"5.15.139\", \"matchCriteriaId\": \"14D5B2E5-AF57-4541-ADEB-69F278C2C058\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.16\", \"versionEndExcluding\": \"6.1.63\", \"matchCriteriaId\": \"80E1EA7E-2788-466C-9FFB-34AFA1B052F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.2\", \"versionEndExcluding\": \"6.5.12\", \"matchCriteriaId\": \"825F64D9-E99F-49AA-8A7B-EF7C2965C5B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.6\", \"versionEndExcluding\": \"6.6.2\", \"matchCriteriaId\": \"4CBFF885-A4D3-4F21-B6FD-4D770034C048\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nf2fs: compress: fix to avoid use-after-free on dic\\n\\nCall trace:\\n __memcpy+0x128/0x250\\n f2fs_read_multi_pages+0x940/0xf7c\\n f2fs_mpage_readpages+0x5a8/0x624\\n f2fs_readahead+0x5c/0x110\\n page_cache_ra_unbounded+0x1b8/0x590\\n do_sync_mmap_readahead+0x1dc/0x2e4\\n filemap_fault+0x254/0xa8c\\n f2fs_filemap_fault+0x2c/0x104\\n __do_fault+0x7c/0x238\\n do_handle_mm_fault+0x11bc/0x2d14\\n do_mem_abort+0x3a8/0x1004\\n el0_da+0x3c/0xa0\\n el0t_64_sync_handler+0xc4/0xec\\n el0t_64_sync+0x1b4/0x1b8\\n\\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\\nwe hit cached page in compress_inode\u0027s cache, dic may be released, it needs\\nbreak the loop rather than continuing it, in order to avoid accessing\\ninvalid dic pointer.\"}, {\"lang\": \"es\", \"value\": \" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: compress: correcci\\u00f3n para evitar el use after free en dic. Rastreo de llamadas: __memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110 page_cache_ra_ ilimitado +0x1b8/0x590 do_sync_mmap_readahead+0x1dc/0x2e4 filemap_fault+0x254/0xa8c f2fs_filemap_fault+0x2c/0x104 __do_fault+0x7c/0x238 do_handle_mm_fault+0x11bc/0x2d14 do_mem_abort+0x3a8 /0x1004 el0_da+0x3c/0xa0 el0t_64_sync_handler+0xc4/0xec el0t_64_sync+0x1b4/0x1b8 En f2fs_read_multi_pages(), una vez que se llam\\u00f3 a f2fs_decompress_cluster() si llegamos a la p\\u00e1gina almacenada en cach\\u00e9 en el cach\\u00e9 de compress_inode, es posible que se libere dic, es necesario romper el ciclo en lugar de continuarlo, para evitar acceder a un puntero dic no v\\u00e1lido.\"}]",
      "id": "CVE-2023-52852",
      "lastModified": "2024-12-30T20:09:19.563",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2024-05-21T16:15:22.227",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52852\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-21T16:15:22.227\",\"lastModified\":\"2024-12-30T20:09:19.563\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nf2fs: compress: fix to avoid use-after-free on dic\\n\\nCall trace:\\n __memcpy+0x128/0x250\\n f2fs_read_multi_pages+0x940/0xf7c\\n f2fs_mpage_readpages+0x5a8/0x624\\n f2fs_readahead+0x5c/0x110\\n page_cache_ra_unbounded+0x1b8/0x590\\n do_sync_mmap_readahead+0x1dc/0x2e4\\n filemap_fault+0x254/0xa8c\\n f2fs_filemap_fault+0x2c/0x104\\n __do_fault+0x7c/0x238\\n do_handle_mm_fault+0x11bc/0x2d14\\n do_mem_abort+0x3a8/0x1004\\n el0_da+0x3c/0xa0\\n el0t_64_sync_handler+0xc4/0xec\\n el0t_64_sync+0x1b4/0x1b8\\n\\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\\nwe hit cached page in compress_inode\u0027s cache, dic may be released, it needs\\nbreak the loop rather than continuing it, in order to avoid accessing\\ninvalid dic pointer.\"},{\"lang\":\"es\",\"value\":\" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: compress: correcci\u00f3n para evitar el use after free en dic. Rastreo de llamadas: __memcpy+0x128/0x250 f2fs_read_multi_pages+0x940/0xf7c f2fs_mpage_readpages+0x5a8/0x624 f2fs_readahead+0x5c/0x110 page_cache_ra_ ilimitado +0x1b8/0x590 do_sync_mmap_readahead+0x1dc/0x2e4 filemap_fault+0x254/0xa8c f2fs_filemap_fault+0x2c/0x104 __do_fault+0x7c/0x238 do_handle_mm_fault+0x11bc/0x2d14 do_mem_abort+0x3a8 /0x1004 el0_da+0x3c/0xa0 el0t_64_sync_handler+0xc4/0xec el0t_64_sync+0x1b4/0x1b8 En f2fs_read_multi_pages(), una vez que se llam\u00f3 a f2fs_decompress_cluster() si llegamos a la p\u00e1gina almacenada en cach\u00e9 en el cach\u00e9 de compress_inode, es posible que se libere dic, es necesario romper el ciclo en lugar de continuarlo, para evitar acceder a un puntero dic no v\u00e1lido.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.13.19\",\"versionEndExcluding\":\"5.15.139\",\"matchCriteriaId\":\"14D5B2E5-AF57-4541-ADEB-69F278C2C058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.63\",\"matchCriteriaId\":\"80E1EA7E-2788-466C-9FFB-34AFA1B052F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.5.12\",\"matchCriteriaId\":\"825F64D9-E99F-49AA-8A7B-EF7C2965C5B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.6\",\"versionEndExcluding\":\"6.6.2\",\"matchCriteriaId\":\"4CBFF885-A4D3-4F21-B6FD-4D770034C048\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T23:11:36.038Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-52852\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-29T17:16:38.626939Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-29T17:16:42.576Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"f2fs: compress: fix to avoid use-after-free on dic\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6ce19aff0b8c\", \"lessThan\": \"8c4504cc0c64\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6ce19aff0b8c\", \"lessThan\": \"9375ea7f2690\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6ce19aff0b8c\", \"lessThan\": \"932ddb5c29e8\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6ce19aff0b8c\", \"lessThan\": \"9d065aa52b6e\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"6ce19aff0b8c\", \"lessThan\": \"b0327c84e91a\", \"versionType\": \"git\"}], \"programFiles\": [\"fs/f2fs/data.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.14\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.14\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"5.15.139\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.63\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.5.12\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.5.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.2\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"fs/f2fs/data.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5\"}, {\"url\": \"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c\"}, {\"url\": \"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401\"}, {\"url\": \"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2\"}, {\"url\": \"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086\"}], \"x_generator\": {\"engine\": \"bippy-a5840b7849dd\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nf2fs: compress: fix to avoid use-after-free on dic\\n\\nCall trace:\\n __memcpy+0x128/0x250\\n f2fs_read_multi_pages+0x940/0xf7c\\n f2fs_mpage_readpages+0x5a8/0x624\\n f2fs_readahead+0x5c/0x110\\n page_cache_ra_unbounded+0x1b8/0x590\\n do_sync_mmap_readahead+0x1dc/0x2e4\\n filemap_fault+0x254/0xa8c\\n f2fs_filemap_fault+0x2c/0x104\\n __do_fault+0x7c/0x238\\n do_handle_mm_fault+0x11bc/0x2d14\\n do_mem_abort+0x3a8/0x1004\\n el0_da+0x3c/0xa0\\n el0t_64_sync_handler+0xc4/0xec\\n el0t_64_sync+0x1b4/0x1b8\\n\\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\\nwe hit cached page in compress_inode\u0027s cache, dic may be released, it needs\\nbreak the loop rather than continuing it, in order to avoid accessing\\ninvalid dic pointer.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-05-29T05:18:28.131Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-52852\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-02T23:11:36.038Z\", \"dateReserved\": \"2024-05-21T15:19:24.255Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-21T15:31:47.889Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.