Описание
In the Linux kernel, the following vulnerability has been resolved:
ext4: Fix possible corruption when moving a directory
When we are renaming a directory to a different directory, we need to update '..' entry in the moved directory. However nothing prevents moved directory from being modified and even converted from the inline format to the normal format. When such race happens the rename code gets confused and we crash. Fix the problem by locking the moved directory.
In the Linux kernel, the following vulnerability has been resolved:
ext4: Fix possible corruption when moving a directory
When we are renaming a directory to a different directory, we need to update '..' entry in the moved directory. However nothing prevents moved directory from being modified and even converted from the inline format to the normal format. When such race happens the rename code gets confused and we crash. Fix the problem by locking the moved directory.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-53137
- https://git.kernel.org/stable/c/0813299c586b175d7edb25f56412c54b812d0379
- https://git.kernel.org/stable/c/0c440f14558bfacd22c6935ae1fd4b2a09e96b5d
- https://git.kernel.org/stable/c/291cd19d107e197306869cb3237c1bba62d13182
- https://git.kernel.org/stable/c/8dac5a63cf79707b547ea3d425fead5f4482198f
- https://git.kernel.org/stable/c/b0bb13612292ca90fa4c2a7e425375649bc50d3e
- https://git.kernel.org/stable/c/c50fc503ee1b97f12c98e26afc39fdaebebcf04f
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
