4 matches found
CVE-2023-54313 ovl: fix null pointer dereference in ovl_get_acl_rcu()
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...
CVE-2023-54313
The CVE-2023-54313 entry concerns a Linux kernel ovl filesystem NULL pointer dereference in ovl_get_acl_rcu(). The issue arises when upperdentry inode is NULL and IS_POSIXACL(realinode) dereferences a NULL realinode during ACL checks in overlay (ovl) permission handling, potentially triggering a ...
CVE-2023-54313
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...
kernel: Linux kernel OverlayFS: Kernel crash via null pointer dereference in ovl_get_acl_rcu()
A flaw was found in the OverlayFS ovl component of the Linux kernel. A local user can trigger a null pointer dereference by performing a specific sequence of file system operations. This vulnerability occurs when the ovlgetaclrcu function attempts to access a real inode that has been set to NULL...