2 matches found
kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix out-of-bound read in ext4xattrinodedecrefall There's issue as follows: BUG: KASAN: use-after-free in ext4xattrinodedecrefall+0x6ff/0x790 Read of size 4 at addr ffff88807b003000 by task syz-executor.0/15172 CPU: 3 PID:...
CVE-2023-53089
CVE-2023-53089 affects the Linux kernel ext4/xattr path. The issue occurs during eviction of inodes with extended attributes (EA) where ext4_xattr_delete_inode triggers a hang due to finding an EA inode (ea_inum = 15) that is in I_FREEING state and waiting for the EA inode’s deletion, causing an ...