CVE-2023-52448

Advisory lineage Upstream: 0 Downstream: 31
Modified
Published: 22 Feb 2024, 16:21
Last modified:11 May 2026, 19:27

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.5 MEDIUM
v3.1 (nvd)
EPSS Score
<0.01% LOW
0% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

22 Feb 2024, 16:21
Published
Vulnerability first disclosed
11 May 2026, 19:27
Last Modified
Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in read_rindex_entry(). Add a NULL pointer check in gfs2_rgrp_dump() to prevent that.

CVSS Metrics

  • v3.1MEDIUMScore: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01% Percentile: 1%

Techniques & Countermeasures

  • CWE-476NULL Pointer Dereference

    The product dereferences a pointer that it expects to be valid but is NULL.

Affected Systems

  • linuxlinux

    ≥ 72244b6bc752b5c496f09de9a13c18adc314a53c, < efc8ef87ab9185a23d5676f2f7d986022d91bcde | ≥ 72244b6bc752b5c496f09de9a13c18adc314a53c, < 5c28478af371a1c3fdb570ca67f110e1ae60fc37 | ≥ 72244b6bc752b5c496f09de9a13c18adc314a53c, < ee0586d73cbaf0e7058bc640d62a9daf2dfa9178 | ≥ 72244b6bc752b5c496f09de9a13c18adc314a53c, < d69d7804cf9e2ba171a27e5f98bc266f13d0414a | ≥ 72244b6bc752b5c496f09de9a13c18adc314a53c, < 067a7c48c2c70f05f9460d6f0e8423e234729f05 | ≥ 72244b6bc752b5c496f09de9a13c18adc314a53c, < c323efd620c741168c8e0cc6fc0be04ab57e331a | ≥ 72244b6bc752b5c496f09de9a13c18adc314a53c, < 8877243beafa7c6bfc42022cbfdf9e39b25bd4fa | 4.20

  • linuxlinux_kernel

    ≥ 4.20, < 5.4.268 | ≥ 5.5.0, < 5.10.209 | ≥ 5.11.0, < 5.15.148 | ≥ 5.16.0, < 6.1.75 | ≥ 6.2.0, < 6.6.14 | ≥ 6.7.0, < 6.7.2

References (8)