{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2023-52852","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-21T15:19:24.255Z","datePublished":"2024-05-21T15:31:47.889Z","dateUpdated":"2025-05-04T12:49:41.026Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:49:41.026Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to avoid use-after-free on dic\n\nCall trace:\n __memcpy+0x128/0x250\n f2fs_read_multi_pages+0x940/0xf7c\n f2fs_mpage_readpages+0x5a8/0x624\n f2fs_readahead+0x5c/0x110\n page_cache_ra_unbounded+0x1b8/0x590\n do_sync_mmap_readahead+0x1dc/0x2e4\n filemap_fault+0x254/0xa8c\n f2fs_filemap_fault+0x2c/0x104\n __do_fault+0x7c/0x238\n do_handle_mm_fault+0x11bc/0x2d14\n do_mem_abort+0x3a8/0x1004\n el0_da+0x3c/0xa0\n el0t_64_sync_handler+0xc4/0xec\n el0t_64_sync+0x1b4/0x1b8\n\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\nwe hit cached page in compress_inode's cache, dic may be released, it needs\nbreak the loop rather than continuing it, in order to avoid accessing\ninvalid dic pointer."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/data.c"],"versions":[{"version":"6ce19aff0b8cd386860855185c6cd79337fc4d2b","lessThan":"8c4504cc0c64862740a6acb301e0cfa59580dbc5","status":"affected","versionType":"git"},{"version":"6ce19aff0b8cd386860855185c6cd79337fc4d2b","lessThan":"9375ea7f269093d7c884857ae1f47633a91f429c","status":"affected","versionType":"git"},{"version":"6ce19aff0b8cd386860855185c6cd79337fc4d2b","lessThan":"932ddb5c29e884cc6fac20417ece72ba4a35c401","status":"affected","versionType":"git"},{"version":"6ce19aff0b8cd386860855185c6cd79337fc4d2b","lessThan":"9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2","status":"affected","versionType":"git"},{"version":"6ce19aff0b8cd386860855185c6cd79337fc4d2b","lessThan":"b0327c84e91a0f4f0abced8cb83ec86a7083f086","status":"affected","versionType":"git"},{"version":"a23706426da9b611be5beae0f3faa260fb453b4e","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["fs/f2fs/data.c"],"versions":[{"version":"5.14","status":"affected"},{"version":"0","lessThan":"5.14","status":"unaffected","versionType":"semver"},{"version":"5.15.139","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.63","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.5.12","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6.2","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"5.15.139"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.1.63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.5.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.6.2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.14","versionEndExcluding":"6.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5"},{"url":"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c"},{"url":"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401"},{"url":"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2"},{"url":"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086"}],"title":"f2fs: compress: fix to avoid use-after-free on dic","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2023-52852","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2024-05-29T17:16:38.626939Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:24:10.682Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T23:11:36.038Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086","tags":["x_transferred"]}]}]}}