CVE-2023-52631 : In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: F

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix an NULL dereference bug The issue here is when this is called from ntfs_load_attr_list(). The "size" comes from le32_to_cpu(attr->res.data_size) so it can't overflow on a 64bit systems but on 32bit systems the "+ 1023" can overflow and the result is zero. This means that the kmalloc will succeed by returning the ZERO_SIZE_PTR and then the memcpy() will crash with an Oops on the next line.

Published 2024-04-02 07:15:41

Updated 2025-04-08 19:28:36

Source Linux

View at NVD, CVE.org

Products affected by CVE-2023-52631

Linux » Linux Kernel
Versions from including (>=) 6.7 and before (<) 6.7.5
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.16 and before (<) 6.1.78
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.15 and before (<) 5.15.149
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 6.2 and before (<) 6.6.17
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC1
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC2
cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 6.8 Update RC3
cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-52631

EPSS FAQ

0.02%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 3 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-52631

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	134c704f-9b21-4f2e-91b3-4a467353bcc0	2024-10-31
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2023-52631

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

References for CVE-2023-52631

https://git.kernel.org/stable/c/ae4acad41b0f93f1c26cc0fc9135bb79d8282d0b

fs/ntfs3: Fix an NULL dereference bug - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/b2dd7b953c25ffd5912dda17e980e7168bebcf6c

fs/ntfs3: Fix an NULL dereference bug - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/ec1bedd797588fe38fc11cba26d77bb1d9b194c6

fs/ntfs3: Fix an NULL dereference bug - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/686820fe141ea0220fc6fdfc7e5694f915cf64b2

fs/ntfs3: Fix an NULL dereference bug - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/fb7bcd1722bc9bc55160378f5f99c01198fd14a7

fs/ntfs3: Fix an NULL dereference bug - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2023-52631

Products affected by CVE-2023-52631

Exploit prediction scoring system (EPSS) score for CVE-2023-52631

CVSS scores for CVE-2023-52631

CWE ids for CVE-2023-52631

References for CVE-2023-52631