CVE-2023-52588
Published: March 7, 2024Last modified: March 7, 2024
Description
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency between data and node may cause data corruption after SPOR. Similar issue was fixed by commit 2d1fe8a86bf5 ("f2fs: fix to tag gcing flag on page during file defragment").
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 7.1 |
| Attack Vector | LOCAL |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.81-r0) |
| Stream | linux-lts | Fixed (6.6.58-r0) |
References
- https://git.kernel.org/stable/c/417b8a91f4e8831cadaf85c3f15c6991c1f54dde
- https://git.kernel.org/stable/c/4961acdd65c956e97c1a000c82d91a8c1cdbe44b
- https://git.kernel.org/stable/c/7c972c89457511007dfc933814c06786905e515c
- https://git.kernel.org/stable/c/7ea0f29d9fd84905051be020c0df7d557e286136
- https://git.kernel.org/stable/c/b8094c0f1aae329b1c60a275a780d6c2c9ff7aa3