CVE-2023-52631

{"id": "CVE-2023-52631", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-04-02T07:15:40.900", "references": [{"url": "https://git.kernel.org/stable/c/686820fe141ea0220fc6fdfc7e5694f915cf64b2", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ae4acad41b0f93f1c26cc0fc9135bb79d8282d0b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b2dd7b953c25ffd5912dda17e980e7168bebcf6c", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/ec1bedd797588fe38fc11cba26d77bb1d9b194c6", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fb7bcd1722bc9bc55160378f5f99c01198fd14a7", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/686820fe141ea0220fc6fdfc7e5694f915cf64b2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/ae4acad41b0f93f1c26cc0fc9135bb79d8282d0b", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/b2dd7b953c25ffd5912dda17e980e7168bebcf6c", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/ec1bedd797588fe38fc11cba26d77bb1d9b194c6", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/fb7bcd1722bc9bc55160378f5f99c01198fd14a7", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix an NULL dereference bug\n\nThe issue here is when this is called from ntfs_load_attr_list(). The\n\"size\" comes from le32_to_cpu(attr->res.data_size) so it can't overflow\non a 64bit systems but on 32bit systems the \"+ 1023\" can overflow and\nthe result is zero. This means that the kmalloc will succeed by\nreturning the ZERO_SIZE_PTR and then the memcpy() will crash with an\nOops on the next line."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: fs/ntfs3: corrige un error de desreferencia NULL El problema aqu\u00ed es cuando se llama desde ntfs_load_attr_list(). El \"tama\u00f1o\" proviene de le32_to_cpu(attr->res.data_size), por lo que no puede desbordarse en sistemas de 64 bits, pero en sistemas de 32 bits el \"+ 1023\" puede desbordarse y el resultado es cero. Esto significa que kmalloc tendr\u00e1 \u00e9xito al devolver ZERO_SIZE_PTR y luego memcpy() fallar\u00e1 con un Ups en la siguiente l\u00ednea."}], "lastModified": "2024-11-21T08:40:14.577", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}