CVE-2023-52588

Summary

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to tag gcing flag on page during block migration

It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency between data and node may cause data corruption after SPOR.

Similar issue was fixed by commit 2d1fe8a86bf5 ("f2fs: fix to tag gcing flag on page during file defragment").

Affected Software

VendorProductVersion RangeStatus
LinuxLinux98e4da8ca301e062d79ae168c67e56f3c3de3ce4 < 7ea0f29d9fd84905051be020c0df7d557e286136affected
LinuxLinux98e4da8ca301e062d79ae168c67e56f3c3de3ce4 < 7c972c89457511007dfc933814c06786905e515caffected
LinuxLinux98e4da8ca301e062d79ae168c67e56f3c3de3ce4 < 417b8a91f4e8831cadaf85c3f15c6991c1f54ddeaffected
LinuxLinux98e4da8ca301e062d79ae168c67e56f3c3de3ce4 < b8094c0f1aae329b1c60a275a780d6c2c9ff7aa3affected
LinuxLinux98e4da8ca301e062d79ae168c67e56f3c3de3ce4 < 4961acdd65c956e97c1a000c82d91a8c1cdbe44baffected
LinuxLinux3.8affected
LinuxLinux0 < 3.8unaffected
LinuxLinux5.15.149 <= 5.15.*unaffected
LinuxLinux6.1.77 <= 6.1.*unaffected
LinuxLinux6.6.16 <= 6.6.*unaffected
LinuxLinux6.7.4 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References