{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-52848","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-21T15:19:24.255Z","datePublished":"2024-05-21T15:31:45.196Z","dateUpdated":"2025-05-04T12:49:38.736Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:49:38.736Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to drop meta_inode's page cache in f2fs_put_super()\n\nsyzbot reports a kernel bug as below:\n\nF2FS-fs (loop1): detect filesystem reference count leak during umount, type: 10, count: 1\nkernel BUG at fs/f2fs/super.c:1639!\nCPU: 0 PID: 15451 Comm: syz-executor.1 Not tainted 6.5.0-syzkaller-09338-ge0152e7481c6 #0\nRIP: 0010:f2fs_put_super+0xce1/0xed0 fs/f2fs/super.c:1639\nCall Trace:\n generic_shutdown_super+0x161/0x3c0 fs/super.c:693\n kill_block_super+0x3b/0x70 fs/super.c:1646\n kill_f2fs_super+0x2b7/0x3d0 fs/f2fs/super.c:4879\n deactivate_locked_super+0x9a/0x170 fs/super.c:481\n deactivate_super+0xde/0x100 fs/super.c:514\n cleanup_mnt+0x222/0x3d0 fs/namespace.c:1254\n task_work_run+0x14d/0x240 kernel/task_work.c:179\n resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]\n exit_to_user_mode_loop kernel/entry/common.c:171 [inline]\n exit_to_user_mode_prepare+0x210/0x240 kernel/entry/common.c:204\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x1d/0x60 kernel/entry/common.c:296\n do_syscall_64+0x44/0xb0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIn f2fs_put_super(), it tries to do sanity check on dirty and IO\nreference count of f2fs, once there is any reference count leak,\nit will trigger panic.\n\nThe root case is, during f2fs_put_super(), if there is any IO error\nin f2fs_wait_on_all_pages(), we missed to truncate meta_inode's page\ncache later, result in panic, fix this case."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/super.c"],"versions":[{"version":"20872584b8c0b006c007da9588a272c9e28d2e18","lessThan":"eb42e1862aa7934c2c21890097ce4993c5e0d192","status":"affected","versionType":"git"},{"version":"20872584b8c0b006c007da9588a272c9e28d2e18","lessThan":"10b2a6c0dade67b5a2b2d17fb75c457ea1985fad","status":"affected","versionType":"git"},{"version":"20872584b8c0b006c007da9588a272c9e28d2e18","lessThan":"a4639380bbe66172df329f8b54aa7d2e943f0f64","status":"affected","versionType":"git"},{"version":"0e2577074b459bba7f4016f4d725ede37d48bb22","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/super.c"],"versions":[{"version":"6.5","status":"affected"},{"version":"0","lessThan":"6.5","status":"unaffected","versionType":"semver"},{"version":"6.5.12","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6.2","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.5.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.6.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5","versionEndExcluding":"6.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192"},{"url":"https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad"},{"url":"https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64"}],"title":"f2fs: fix to drop meta_inode's page cache in f2fs_put_super()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2023-52848","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-21T17:54:45.651350Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:24:06.214Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T23:11:35.923Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/eb42e1862aa7934c2c21890097ce4993c5e0d192","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/10b2a6c0dade67b5a2b2d17fb75c457ea1985fad","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/a4639380bbe66172df329f8b54aa7d2e943f0f64","tags":["x_transferred"]}]}]}}