CVE-2023-3212

CVSS V2 None CVSS V3 None

Description

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.

Overview

CVE ID
CVE-2023-3212

Assigner
redhat

Vulnerability Status
PUBLISHED

Published Version
2023-06-23T00:00:00

Last Modified Date
2024-01-11T19:06:22.505410

Weakness Enumerations

CWE	URL
CWE-476	http://cwe.mitre.org/data/definitions/476.html

References

Reference URL	Reference Tags
https://bugzilla.redhat.com/show_bug.cgi?id=2214348
https://github.com/torvalds/linux/commit/504a10d9e46bc37b23d0a1ae2f28973c8516e636
https://www.debian.org/security/2023/dsa-5448	vendor-advisory
https://www.debian.org/security/2023/dsa-5480	vendor-advisory
https://security.netapp.com/advisory/ntap-20230929-0005/
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html	mailing-list
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html	mailing-list

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-3212
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3212

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 21:22:19				Added to TrackCVE