UBUNTU-CVE-2023-52444

Advisory lineage Upstream: 1 Downstream: 16

Upstream

CVE-2023-52444

Downstream

USN-6688-1 USN-6725-1 USN-6725-2 USN-6726-1 USN-6726-2 USN-6726-3

Published: 22 Feb 2024, 17:15

Last modified:03 Jun 2026, 13:36

Vulnerability Summary

Overall Risk (default)

medium

31/100

CVSS Score

7.8 HIGH

3.1 (osv_ubuntu)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

22 Feb 2024, 17:15

Published

Vulnerability first disclosed

03 Jun 2026, 13:36

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link[1]: f2fs_rename() ... if (old_dir != new_dir && !whiteout) f2fs_set_link(old_inode, old_dir_entry, old_dir_page, new_dir); else f2fs_put_page(old_dir_page, 0); You want correct inumber in the ".." link. And cross-directory rename does move the source to new parent, even if you'd been asked to leave a whiteout in the old place. [1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/ With below testcase, it may cause dirent corruption, due to it missed to call f2fs_set_link() to update ".." link to new directory. - mkdir -p dir/foo - renameat2 -w dir/foo bar [ASSERT] (__chk_dots_dentries:1421) --> Bad inode number[0x4] for '..', parent parent ino is [0x3] [FSCK] other corrupted bugs [Fail]

CVSS Metrics

v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

ubuntu•linux
< 4.4.0-257.291 | < 4.15.0-227.239 | < 5.4.0-176.196 | < 5.15.0-102.112
ubuntu•linux-allwinner-5.19
all
ubuntu•linux-aws
< 4.4.0-1134.140 | < 4.4.0-1172.187 | < 4.15.0-1170.183 | < 5.4.0-1122.132 | < 5.15.0-1057.63
ubuntu•linux-aws-5.0
all
ubuntu•linux-aws-5.11
all
ubuntu•linux-aws-5.13
all
ubuntu•linux-aws-5.15
< 5.15.0-1057.63~20.04.1
ubuntu•linux-aws-5.19
all
ubuntu•linux-aws-5.3
all
ubuntu•linux-aws-5.4
< 5.4.0-1122.132~18.04.1
ubuntu•linux-aws-5.8
all
ubuntu•linux-aws-6.2
all
ubuntu•linux-aws-6.5
all
ubuntu•linux-aws-fips
< 4.15.0-2109.115 | all | < 5.4.0-1122.132+fips1 | < 5.15.0-1057.63+fips1
ubuntu•linux-aws-hwe
< 4.15.0-1170.183~16.04.1
ubuntu•linux-azure
< 4.15.0-1179.194~14.04.1 | < 4.15.0-1179.194~16.04.1 | all | < 5.4.0-1127.134 | < 5.15.0-1060.69
ubuntu•linux-azure-4.15
< 4.15.0-1179.194
ubuntu•linux-azure-5.11
all
ubuntu•linux-azure-5.13
all
ubuntu•linux-azure-5.15
< 5.15.0-1060.69~20.04.1
ubuntu•linux-azure-5.19
all
ubuntu•linux-azure-5.3
all
ubuntu•linux-azure-5.4
< 5.4.0-1127.134~18.04.1
ubuntu•linux-azure-5.8
all
ubuntu•linux-azure-6.2
all
ubuntu•linux-azure-6.5
< 6.5.0-1022.23~22.04.1
ubuntu•linux-azure-edge
all
ubuntu•linux-azure-fde
all | < 5.15.0-1060.69.1 | all
ubuntu•linux-azure-fde-5.19
all
ubuntu•linux-azure-fde-6.2
all
ubuntu•linux-azure-fde-6.8
all
ubuntu•linux-azure-fips
< 4.15.0-2088.94 | all | < 5.4.0-1127.134+fips1 | < 5.15.0-1060.69+fips1
ubuntu•linux-bluefield
< 5.15.0-1040.42 | < 5.4.0-1082.89 | < 5.15.0-1040.42 | all
ubuntu•linux-fips
< 4.4.0-1103.110 | all | < 4.15.0-1125.136 | < 5.4.0-1096.106 | < 5.15.0-102.112+fips1
ubuntu•linux-gcp
< 4.15.0-1164.181~16.04.1 | all | < 5.4.0-1126.135 | < 5.15.0-1055.63
ubuntu•linux-gcp-4.15
< 4.15.0-1164.181
ubuntu•linux-gcp-5.11
all
ubuntu•linux-gcp-5.13
all
ubuntu•linux-gcp-5.15
< 5.15.0-1055.63~20.04.1
ubuntu•linux-gcp-5.19
all
ubuntu•linux-gcp-5.3
all
ubuntu•linux-gcp-5.4
< 5.4.0-1126.135~18.04.1
ubuntu•linux-gcp-5.8
all
ubuntu•linux-gcp-6.2
all
ubuntu•linux-gcp-6.5
< 6.5.0-1022.24~22.04.1
ubuntu•linux-gcp-fips
< 4.15.0-2072.77 | all | < 5.4.0-1126.135+fips1 | < 5.15.0-1055.63+fips2
ubuntu•linux-gke
all | < 5.15.0-1054.59
ubuntu•linux-gke-4.15
all
ubuntu•linux-gke-5.15
all
ubuntu•linux-gke-5.4
all

Showing first 50 affected entries in server-rendered view.