CVE-2023-52444
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-52444
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52444.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52444
- Downstream
- Related
- Published
- 2024-02-22T17:15:08Z
- Modified
- 2025-08-09T20:01:27Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid dirent corruption
As Al reported in link[1]:
f2fsrename() ... if (olddir != newdir && !whiteout) f2fssetlink(oldinode, olddirentry, olddirpage, newdir); else f2fsputpage(olddir_page, 0);
You want correct inumber in the ".." link. And cross-directory rename does move the source to new parent, even if you'd been asked to leave a whiteout in the old place.
[1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/
With below testcase, it may cause dirent corruption, due to it missed to call f2fssetlink() to update ".." link to new directory. - mkdir -p dir/foo - renameat2 -w dir/foo bar
[ASSERT] (_chkdots_dentries:1421) --> Bad inode number[0x4] for '..', parent parent ino is [0x3] [FSCK] other corrupted bugs [Fail]
- References
-
- https://git.kernel.org/stable/c/02160112e6d45c2610b049df6eb693d7a2e57b46
- https://git.kernel.org/stable/c/2fb4867f4405aea8c0519d7d188207f232a57862
- https://git.kernel.org/stable/c/53edb549565f55ccd0bdf43be3d66ce4c2d48b28
- https://git.kernel.org/stable/c/5624a3c1b1ebc8991318e1cce2aa719542991024
- https://git.kernel.org/stable/c/6f866885e147d33efc497f1095f35b2ee5ec7310
- https://git.kernel.org/stable/c/d3c0b49aaa12a61d560528f5d605029ab57f0728
- https://git.kernel.org/stable/c/f0145860c20be6bae6785c7a2249577674702ac7
- https://git.kernel.org/stable/c/f100ba617d8be6c98a68f3744ef7617082975b77
- https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html