5.5

CVE-2023-52590

EPSS 0.01%
Veröffentlicht 06.03.2024 07:15:08
Zuletzt bearbeitet 14.02.2025 16:40:22
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ocfs2: Avoid touching renamed directory if parent does not change

The VFS will not be locking moved directory if its parent does not
change. Change ocfs2 rename code to avoid touching renamed directory if
its parent does not change as without locking that can corrupt the
filesystem.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.7.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.004

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/9d618d19b29c2943527e3a43da0a35aea91062fc

Patch

Mailing List

https://git.kernel.org/stable/c/de940cede3c41624e2de27f805b490999f419df9

Patch

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2023-52590

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52590

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52590

EUVD