Bug 2425016 (CVE-2023-54062)
| Summary: | CVE-2023-54062 kernel: ext4: fix invalid free tracking in ext4_xattr_move_to_block() | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: | A memory management flaw was found in the Linux kernel's ext4 filesystem extended attribute handling. In ext4_xattr_move_to_block(), when moving an extended attribute value to an external block, the code checks entry->e_value_inum to determine if the buffer was allocated via kvmalloc(). However, at cleanup time the xattr entry pointer is stale (already removed), leading to either calling kvfree() on an invalid pointer or leaking memory that should have been freed. | Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Description
OSIDB Bzimport
2025-12-24 13:02:13 UTC
|
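The stale-check pattern from the Doc Text, as an added user-space model (not kernel code and not part of this bug record). The struct, function names and sample tables are hypothetical, `malloc()`/`free()` stand in for `kvmalloc()`/`kvfree()`, and it assumes that removing an entry shifts later entries into its slot; the model always releases its buffer correctly and only reports what each cleanup decision would have done.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified user-space stand-in for an xattr entry (not the kernel struct). */
struct entry { unsigned e_value_inum; char value[8]; };

enum outcome { OK, LEAK, INVALID_FREE };

/* Assumption: removal shifts later entries down, so slot i now holds another entry. */
static void remove_entry(struct entry *tab, int *n, int i)
{
    memmove(&tab[i], &tab[i + 1], (size_t)(*n - i - 1) * sizeof(*tab));
    memset(&tab[--*n], 0, sizeof(*tab));
}

/* Move entry i out of the table and report what the cleanup decision would do. */
static enum outcome move_entry(struct entry *tab, int *n, int i, int fixed)
{
    struct entry *e = &tab[i];
    char *buf = NULL;
    int needs_free = 0, will_free;
    if (e->e_value_inum) {          /* external value: read it into a heap buffer */
        buf = malloc(sizeof(e->value));
        if (!buf) return OK;
        memcpy(buf, e->value, sizeof(e->value));
        needs_free = 1;             /* tracked form: remember the allocation here */
    }                               /* else: value is used in place, nothing to free */
    remove_entry(tab, n, i);        /* from here on, *e is no longer the moved entry */
    will_free = fixed ? needs_free : (e->e_value_inum != 0); /* flawed form reads stale *e */
    free(buf);                      /* the model itself always releases correctly */
    if (will_free && !needs_free)
        return INVALID_FREE;
    return (!will_free && needs_free) ? LEAK : OK;
}

/* Build a two-entry table (constructed sample data) and move entry 0. */
static enum outcome run_case(unsigned inum0, unsigned inum1, int fixed)
{
    struct entry tab[2] = { { inum0, "v0" }, { inum1, "v1" } };
    int n = 2;
    return move_entry(tab, &n, 0, fixed);
}

int main(void)
{
    printf("flawed: %d %d  tracked: %d %d\n", run_case(0, 7, 0), run_case(7, 0, 0),
           run_case(0, 7, 1), run_case(7, 0, 1));
    return 0;
}
```

When both entries carry the same flag value the stale read happens to give the right answer, which is why this class of defect can pass casual testing.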