ГлавнаяУязвимости → CVE-2023-52436
7.8высокая

CVE-2023-52436

→ есть в БДУ: BDU:2024-03704 (на русском)
Описание (на английском; русское — в БДУ выше)

In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr list. This eliminates the fragile assumption that the unused xattr space is always zeroed.

Затрагиваемое ПО
Linux Linux kernel
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://git.kernel.org/stable/c/12cf91e23b126718a96b914f949f2cdfeadc7b2ahttps://git.kernel.org/stable/c/16ae3132ff7746894894927c1892493693b89135https://git.kernel.org/stable/c/2525d1ba225b5c167162fa344013c408e8b4de36https://git.kernel.org/stable/c/32a6cfc67675ee96fe107aeed5af9776fec63f11https://git.kernel.org/stable/c/3e47740091b05ac8d7836a33afd8646b6863ca52https://git.kernel.org/stable/c/5de9e9dd1828db9b8b962f7ca42548bd596deb8ahttps://git.kernel.org/stable/c/e26b6d39270f5eab0087453d9b544189a38c8564https://git.kernel.org/stable/c/f6c30bfe5a49bc38cae985083a11016800708fea