CVE-2023-54272

EPSS 0.03%
Veröffentlicht 30.12.2025 12:16:02
Zuletzt bearbeitet 31.12.2025 20:42:43
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Fix a possible null-pointer dereference in ni_clear()

In a previous commit c1006bd13146, ni->mi.mrec in ni_write_inode()
could be NULL, and thus a NULL check is added for this variable.

However, in the same call stack, ni->mi.mrec can be also dereferenced
in ni_clear():

ntfs_evict_inode(inode)
  ni_write_inode(inode, ...)
    ni = ntfs_i(inode);
    is_rec_inuse(ni->mi.mrec) -> Add a NULL check by previous commit
  ni_clear(ntfs_i(inode))
    is_rec_inuse(ni->mi.mrec) -> No check

Thus, a possible null-pointer dereference may exist in ni_clear().
To fix it, a NULL check is added in this function.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6

Version 4342306f0f0d5ff4315a204d315c1b51b914fca5

Status affected

Version < 39c6312009574ca73865354133ca222e7753a71b

Version 4342306f0f0d5ff4315a204d315c1b51b914fca5

Status affected

Version < e7675f85a92233136c630000a0b7cf97826705da

Version 4342306f0f0d5ff4315a204d315c1b51b914fca5

Status affected

Version < ec275bf9693d19cc0fdce8436f4c425ced86f6e7

Version 4342306f0f0d5ff4315a204d315c1b51b914fca5

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.15

Status affected

Version < 5.15

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.113

Status unaffected

Version <= 6.1.*

Version 6.1.81

Status unaffected

Version <= 6.3.*

Version 6.3.4

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.063

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6

https://git.kernel.org/stable/c/39c6312009574ca73865354133ca222e7753a71b

https://git.kernel.org/stable/c/e7675f85a92233136c630000a0b7cf97826705da

https://git.kernel.org/stable/c/ec275bf9693d19cc0fdce8436f4c425ced86f6e7

https://nvd.nist.gov/vuln/detail/CVE-2023-54272

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54272

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54272

EUVD