CVE-2023-52448: gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in read_rindex_entry(). Add a NULL pointer check in gfs2_rgrp_dump() to prevent that.
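The bug class described above, as an added user-space example (not the kernel's code or the upstream patch): a setup step that can fail before a pointer is assigned, and a dump routine shown without and with the NULL check. The struct layouts, the `free` field, `rgrp_setup()`, both `rgrp_dump_*()` functions and the sample values are assumptions made for illustration; only the field name `rd_rgl` follows the advisory text.

```c
#include <stdio.h>
#include <stddef.h>

/* User-space model; types are hypothetical, rd_rgl follows the advisory. */
struct lvb { unsigned int free; };          /* data reached through rd_rgl */
struct rgrp {
    unsigned long long rd_addr;
    struct lvb *rd_rgl;                     /* stays NULL if setup fails early */
};

struct lvb sample_lvb = { 42 };             /* constructed sample data */

/* Models the setup step: when creating the lock object fails,
 * rd_rgl is never assigned and the caller gets an error. */
int rgrp_setup(struct rgrp *rgd, int lock_create_ok)
{
    rgd->rd_addr = 17;
    rgd->rd_rgl = NULL;
    if (!lock_create_ok)
        return -1;
    rgd->rd_rgl = &sample_lvb;
    return 0;
}

/* Before: assumes setup always succeeded; crashes when rd_rgl is NULL. */
int rgrp_dump_unchecked(const struct rgrp *rgd, char *buf, size_t n)
{
    return snprintf(buf, n, "R: n:%llu L: f:%u", rgd->rd_addr, rgd->rd_rgl->free);
}

/* After: prints the rd_rgl part only when the pointer is valid. */
int rgrp_dump_checked(const struct rgrp *rgd, char *buf, size_t n)
{
    int len = snprintf(buf, n, "R: n:%llu", rgd->rd_addr);
    if (rgd->rd_rgl && len > 0 && (size_t)len < n)
        len += snprintf(buf + len, n - len, " L: f:%u", rgd->rd_rgl->free);
    return len;
}

int main(void)
{
    struct rgrp rgd;
    char buf[64];

    rgrp_setup(&rgd, 0);                    /* simulate the failed creation */
    rgrp_dump_checked(&rgd, buf, sizeof buf);
    puts(buf);                              /* header only, no dereference */
    return 0;
}
```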
Other sources
In the Linux kernel, the following vulnerability has been resolved:
gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump
Syzkaller has reported a NULL pointer dereference when accessing rgd->rd_rgl in gfs2_rgrp_dump(). This can happen when creating rgd->rd_gl fails in read_rindex_entry(). Add a NULL pointer check in gfs2_rgrp_dump() to prevent that.
— NVD
Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference in gfs2_rgrp_dump. A local attacker could exploit this vulnerability to cause a denial of service.
— IBM
Frequently Asked Questions
What is the severity of CVE-2023-52448?
CVE-2023-52448 has a medium severity rating due to the potential for denial of service caused by a NULL pointer dereference.
How do I fix CVE-2023-52448?
To fix CVE-2023-52448, update to a patched version of the Linux Kernel, specifically versions 5.10.223-1, 6.1.123-1, or later.
Which Linux Kernel versions are affected by CVE-2023-52448?
CVE-2023-52448 affects multiple Linux Kernel versions including those from 4.20 to 6.7.2.
What impact does CVE-2023-52448 have on systems?
CVE-2023-52448 can lead to a kernel crash, resulting in a denial of service on the affected systems.
Who reported the vulnerability CVE-2023-52448?
The vulnerability CVE-2023-52448 was reported by Syzkaller, a tool for finding bugs in kernel code.