CVE-2023-53420

BUG: KASAN: slab-out-of-bounds in ntfslistea fs/ntfs3/xattr.c:191 [inline] BUG: KASAN: slab-out-of-bounds in ntfs_listxattr+0x401/0x570 fs/ntfs3/xattr.c:710 Read of size 1 at addr ffff888021acaf3d by task syz-executor128/3632

Call Trace: ntfslistea fs/ntfs3/xattr.c:191 [inline] ntfslistxattr+0x401/0x570 fs/ntfs3/xattr.c:710 vfslistxattr fs/xattr.c:457 [inline] listxattr+0x293/0x2d0 fs/xattr.c:804

Fix the logic of eaall iteration. When the ea->namelen is 0, return immediately, or Add2Ptr() would visit invalid memory in the next loop.

[almaz.alexandrovich@paragon-software.com: lines of the patch have changed]

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53420.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

be71b5cba2e6485e8959da7a9f9a44461a1bb074

Fixed

f3380d895e28a32632eb3609f5bd515adee4e5a1

Fixed

c86a2517df6c9304db8fb12b77136ec7a5d85994

Fixed

721b75ea2dfce53a8890dff92ae01afca8e74f88

Fixed

3c675ddffb17a8b1e32efad5c983254af18b12c2

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.15.0

Fixed

5.15.121

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.39

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.4.4