-

CVE-2023-53301

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix kernel crash due to null io->bio

We should return when io->bio is null before doing anything. Otherwise, panic.

BUG: kernel NULL pointer dereference, address: 0000000000000010
RIP: 0010:__submit_merged_write_cond+0x164/0x240 [f2fs]
Call Trace:
 <TASK>
 f2fs_submit_merged_write+0x1d/0x30 [f2fs]
 commit_checkpoint+0x110/0x1e0 [f2fs]
 f2fs_write_checkpoint+0x9f7/0xf00 [f2fs]
 ? __pfx_issue_checkpoint_thread+0x10/0x10 [f2fs]
 __checkpoint_and_complete_reqs+0x84/0x190 [f2fs]
 ? preempt_count_add+0x82/0xc0
 ? __pfx_issue_checkpoint_thread+0x10/0x10 [f2fs]
 issue_checkpoint_thread+0x4c/0xf0 [f2fs]
 ? __pfx_autoremove_wake_function+0x10/0x10
 kthread+0xff/0x130
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x2c/0x50
 </TASK>

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < 83dbb9a1bd5ef2eea73275906fc50b2fdda39cd5
Version 64bf0eef0171912f7c2f3ea30ee6ad7a2ad0a511
Status affected
Version < eb52f13c6093ac761dbeaa459c810fc0253209fc
Version 64bf0eef0171912f7c2f3ea30ee6ad7a2ad0a511
Status affected
Version < 267c159f9c7bcb7009dae16889b880c5ed8759a8
Version 64bf0eef0171912f7c2f3ea30ee6ad7a2ad0a511
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 5.18
Status affected
Version < 5.18
Version 0
Status unaffected
Version <= 6.1.*
Version 6.1.16
Status unaffected
Version <= 6.2.*
Version 6.2.3
Status unaffected
Version <= *
Version 6.3
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String