{ "containers": { "cna": { "providerMetadata": { "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: explicitly null-terminate the xattr list\n\nWhen setting an xattr, explicitly null-terminate the xattr list. This\neliminates the fragile assumption that the unused xattr space is always\nzeroed." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/f2fs/xattr.c" ], "versions": [ { "version": "1da177e4c3f4", "lessThan": "16ae3132ff77", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "12cf91e23b12", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "3e47740091b0", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "32a6cfc67675", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "5de9e9dd1828", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "2525d1ba225b", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "f6c30bfe5a49", "status": "affected", "versionType": "git" }, { "version": "1da177e4c3f4", "lessThan": "e26b6d39270f", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "fs/f2fs/xattr.c" ], "versions": [ { "version": "4.19.306", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.4.268", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.10.209", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom" }, { "version": "5.15.148", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.1.74", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.6.13", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.7.1", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "custom" }, { "version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/16ae3132ff7746894894927c1892493693b89135" }, { "url": "https://git.kernel.org/stable/c/12cf91e23b126718a96b914f949f2cdfeadc7b2a" }, { "url": "https://git.kernel.org/stable/c/3e47740091b05ac8d7836a33afd8646b6863ca52" }, { "url": "https://git.kernel.org/stable/c/32a6cfc67675ee96fe107aeed5af9776fec63f11" }, { "url": "https://git.kernel.org/stable/c/5de9e9dd1828db9b8b962f7ca42548bd596deb8a" }, { "url": "https://git.kernel.org/stable/c/2525d1ba225b5c167162fa344013c408e8b4de36" }, { "url": "https://git.kernel.org/stable/c/f6c30bfe5a49bc38cae985083a11016800708fea" }, { "url": "https://git.kernel.org/stable/c/e26b6d39270f5eab0087453d9b544189a38c8564" } ], "title": "f2fs: explicitly null-terminate the xattr list", "x_generator": { "engine": "bippy-a5840b7849dd" } } }, "cveMetadata": { "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", "cveID": "CVE-2023-52436", "requesterUserId": "gregkh@kernel.org", "serial": "1", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.0" }