5.5

CVE-2023-52641

fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame()

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame()

It is preferable to exit through the out: label because
internal debugging functions are located there.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version < 5.15.150
LinuxLinux Kernel Version >= 5.16 < 6.1.80
LinuxLinux Kernel Version >= 6.2 < 6.6.19
LinuxLinux Kernel Version >= 6.7 < 6.7.7
LinuxLinux Kernel Version6.8 Updaterc1
LinuxLinux Kernel Version6.8 Updaterc2
LinuxLinux Kernel Version6.8 Updaterc3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.147
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://git.kernel.org/stable/c/50545eb6cd5f7ff852a01fa29b7372524ef948cc
Patch
https://git.kernel.org/stable/c/847b68f58c212f0439c5a8101b3841f32caffccd
Patch
https://git.kernel.org/stable/c/947c3f3d31ea185ddc8e7f198873f17d36deb24c
Patch
https://git.kernel.org/stable/c/aaab47f204aaf47838241d57bf8662c8840de60a
Patch
https://git.kernel.org/stable/c/ee8db6475cb15c8122855f72ad4cfa5375af6a7b
Patch