CVE-2023-54192

Summary

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix null pointer panic in tracepoint in __replace_atomic_write_block

We got a kernel panic if old_addr is NULL.

https://bugzilla.kernel.org/show_bug.cgi?id=217266

BUG: kernel NULL pointer dereference, address: 0000000000000000 Call Trace: <TASK> f2fs_commit_atomic_write+0x619/0x990 [f2fs a1b985b80f5babd6f3ea778384908880812bfa43] __f2fs_ioctl+0xd8e/0x4080 [f2fs a1b985b80f5babd6f3ea778384908880812bfa43] ? vfs_write+0x2ae/0x3f0 ? vfs_write+0x2ae/0x3f0 __x64_sys_ioctl+0x91/0xd0 do_syscall_64+0x5c/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc RIP: 0033:0x7f69095fe53f

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9ad51915f4b368eef8f4cbd3a0b6367d4504c245 < 424f8cdc0ad29e4940be96dcc0b935ba497adedaaffected
LinuxLinuxf955d66b179679312310d42108c0df1cd0714313 < 1424358cd66c49460493293497b54cb72e0213ccaffected
LinuxLinux2f3a9ae990a7881c9a57a073bb52ebe34fdc3160 < e2bbefc1741cb0732c13652be173da02f25611d1affected
LinuxLinux2f3a9ae990a7881c9a57a073bb52ebe34fdc3160 < da6ea0b050fa720302b56fbb59307e7c7531a342affected
LinuxLinux6.1.18 < 6.1.29affected
LinuxLinux6.2.5 < 6.2.16affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.1.29 <= 6.1.*unaffected
LinuxLinux6.2.16 <= 6.2.*unaffected
LinuxLinux6.3.3 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References