{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T04:14:51.969","vulnerabilities":[{"cve":{"id":"CVE-2023-52444","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-02-22T17:15:08.430","lastModified":"2024-11-21T08:39:46.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid dirent corruption\n\nAs Al reported in link[1]:\n\nf2fs_rename()\n...\n\tif (old_dir != new_dir && !whiteout)\n\t\tf2fs_set_link(old_inode, old_dir_entry,\n\t\t\t\t\told_dir_page, new_dir);\n\telse\n\t\tf2fs_put_page(old_dir_page, 0);\n\nYou want correct inumber in the \"..\" link.  And cross-directory\nrename does move the source to new parent, even if you'd been asked\nto leave a whiteout in the old place.\n\n[1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/\n\nWith below testcase, it may cause dirent corruption, due to it missed\nto call f2fs_set_link() to update \"..\" link to new directory.\n- mkdir -p dir/foo\n- renameat2 -w dir/foo bar\n\n[ASSERT] (__chk_dots_dentries:1421)  --> Bad inode number[0x4] for '..', parent parent ino is [0x3]\n[FSCK] other corrupted bugs                           [Fail]"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: f2fs: corrección para evitar corrupción directa Como informó Al en link[1]: f2fs_rename() ... if (old_dir != new_dir && !whiteout) f2fs_set_link(old_inode, old_dir_entry, old_dir_page, new_dir); demás f2fs_put_page(old_dir_page, 0); Quiere el número correcto en el enlace \"..\" Y el cambio de nombre entre directorios mueve la fuente al nuevo padre, incluso si le hubieran pedido que dejara un espacio en blanco en el lugar anterior. [1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/ Con el siguiente caso de prueba, puede causar corrupción directa, debido a que no llamó a f2fs_set_link() para actualizar el enlace \"..\" al nuevo directorio . - mkdir -p dir/foo - renameat2 -w dir/foo bar [ASSERT] (__chk_dots_dentries:1421) --> Número de inodo incorrecto [0x4] para '..', el ino padre padre es [0x3] [FSCK] otro corrupto errores [falla]"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndExcluding":"4.19.306","matchCriteriaId":"70CC102A-02F0-48B6-BEE8-3547C9651B25"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.268","matchCriteriaId":"991BF737-6083-429B-ACD5-FB27D4143E2F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5.0","versionEndExcluding":"5.10.209","matchCriteriaId":"5D2E4F24-2FBB-4434-8598-2B1499E566B5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11.0","versionEndExcluding":"5.15.148","matchCriteriaId":"E25E1389-4B0F-407A-9C94-5908FF3EE88B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16.0","versionEndExcluding":"6.1.75","matchCriteriaId":"2C4951FA-80C0-4B4C-9836-6E5035DEB0F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndExcluding":"6.6.14","matchCriteriaId":"BDBBEB0E-D13A-4567-8984-51C5375350B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.0","versionEndExcluding":"6.7.2","matchCriteriaId":"0EA3778C-730B-464C-8023-18CA6AC0B807"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/02160112e6d45c2610b049df6eb693d7a2e57b46","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2fb4867f4405aea8c0519d7d188207f232a57862","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/53edb549565f55ccd0bdf43be3d66ce4c2d48b28","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5624a3c1b1ebc8991318e1cce2aa719542991024","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6f866885e147d33efc497f1095f35b2ee5ec7310","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d3c0b49aaa12a61d560528f5d605029ab57f0728","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f0145860c20be6bae6785c7a2249577674702ac7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f100ba617d8be6c98a68f3744ef7617082975b77","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/02160112e6d45c2610b049df6eb693d7a2e57b46","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2fb4867f4405aea8c0519d7d188207f232a57862","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/53edb549565f55ccd0bdf43be3d66ce4c2d48b28","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5624a3c1b1ebc8991318e1cce2aa719542991024","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6f866885e147d33efc497f1095f35b2ee5ec7310","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d3c0b49aaa12a61d560528f5d605029ab57f0728","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f0145860c20be6bae6785c7a2249577674702ac7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f100ba617d8be6c98a68f3744ef7617082975b77","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}