CVE-2023-52640

Summary

In the Linux kernel, the following vulnerability has been resolved:

fs/ntfs3: Fix oob in ntfs_listxattr

The length of name cannot exceed the space occupied by ea.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < a585faf0591548fe0920641950ebfa8a6eefe1cdaffected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 6ed6cdbe88334ca3430c5aee7754dc4597498dfbaffected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 52fff5799e3d1b5803ecd2f5f19c13c65f4f7b23affected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 0830c5cf19bdec50d0ede4755ddc463663deb21caffected
LinuxLinux4534a70b7056fd4b9a1c6db5a4ce3c98546b291e < 731ab1f9828800df871c5a7ab9ffe965317d3f15affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.150 <= 5.15.*unaffected
LinuxLinux6.1.80 <= 6.1.*unaffected
LinuxLinux6.6.19 <= 6.6.*unaffected
LinuxLinux6.7.7 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References