Description
An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access.
References
- Issue Tracking, Patch, Third Party Advisory
- Mailing List, Patch
- Mailing List, Patch
- Mailing List, Third Party Advisory
- Mailing List, Third Party Advisory
- Mailing List, Patch
Vulnerable configurations
One of
EPSS
5.5 Medium
CVSS3
Weaknesses
Related vulnerabilities
** DISPUTED ** An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access.
An issue was discovered in the Linux kernel before 6.3.3. There is an ...
An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset.
A vulnerability in the ext4 file system driver of the Linux kernel, in the function ext4_group_desc_csum(), that allows an attacker to affect the confidentiality, integrity and availability of protected information.