CVE-2023-53846

A use-after-free vulnerability was found in the F2FS filesystem in the Linux kernel. The truncatednode function lacks proper sanity checks on direct node pages, allowing a corrupted filesystem where one inode incorrectly references another inode's node to trigger out-of-bounds memory access durin...

CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

CVE-2023-53846

CVE-2023-53846: In the Linux kernel f2fs, a direct node truncation path could traverse node addr mappings out of bounds, causing slab-use-after-free. The fix adds a sanity check on the dnode page during truncate_dnode() to prevent out-of-bound access and to record an ERROR_INVALID_NODE_REFERENCE ...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from f2fs not performing integrity checks on direct nodes in truncatednode, which could lead to memory corruption...

PT-2025-49737

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc7-syzkaller-00041-ge660abd551f1 Description The Linux kernel contains a flaw within the f2fs file system related to handling inode truncation. Specifically, a missing sanity check in the truncate dnode...