CVE-2023-52640 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0830c5cf19bdec50d0ede4755ddc463663deb21c
https://git.kernel.org/stable/c/52fff5799e3d1b5803ecd2f5f19c13c65f4f7b23
https://git.kernel.org/stable/c/6ed6cdbe88334ca3430c5aee7754dc4597498dfb
https://git.kernel.org/stable/c/731ab1f9828800df871c5a7ab9ffe965317d3f15
https://git.kernel.org/stable/c/a585faf0591548fe0920641950ebfa8a6eefe1cd
https://lore.kernel.org/linux-cve-announce/2024040355-CVE-2023-52640-2657@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52640
https://www.cve.org/CVERecord?id=CVE-2023-52640

History

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-04-03T17:00:10.216Z

Updated: 2024-11-04T14:50:15.829Z

Reserved: 2024-03-06T09:52:12.093Z

Link: CVE-2023-52640

Vulnrichment

Updated: 2024-08-02T23:03:21.274Z

NVD

Status : Awaiting Analysis

Published: 2024-04-03T17:15:47.410

Modified: 2024-04-03T17:24:18.150

Link: CVE-2023-52640

Redhat

Severity : Moderate

Publid Date: 2024-04-03T00:00:00Z

Links: CVE-2023-52640 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52640", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-06T09:52:12.093Z", "datePublished": "2024-04-03T17:00:10.216Z", "dateUpdated": "2024-11-04T14:50:15.829Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:50:15.829Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix oob in ntfs_listxattr\n\nThe length of name cannot exceed the space occupied by ea."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ntfs3/xattr.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "a585faf05915", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6ed6cdbe8833", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "52fff5799e3d", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "0830c5cf19bd", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "731ab1f98288", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ntfs3/xattr.c"], "versions": [{"version": "5.15.150", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.80", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.19", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.7", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/a585faf0591548fe0920641950ebfa8a6eefe1cd"}, {"url": "https://git.kernel.org/stable/c/6ed6cdbe88334ca3430c5aee7754dc4597498dfb"}, {"url": "https://git.kernel.org/stable/c/52fff5799e3d1b5803ecd2f5f19c13c65f4f7b23"}, {"url": "https://git.kernel.org/stable/c/0830c5cf19bdec50d0ede4755ddc463663deb21c"}, {"url": "https://git.kernel.org/stable/c/731ab1f9828800df871c5a7ab9ffe965317d3f15"}], "title": "fs/ntfs3: Fix oob in ntfs_listxattr", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.274Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a585faf0591548fe0920641950ebfa8a6eefe1cd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6ed6cdbe88334ca3430c5aee7754dc4597498dfb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/52fff5799e3d1b5803ecd2f5f19c13c65f4f7b23", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0830c5cf19bdec50d0ede4755ddc463663deb21c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/731ab1f9828800df871c5a7ab9ffe965317d3f15", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52640", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:52:10.390866Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:32:51.801Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a585faf0591548fe0920641950ebfa8a6eefe1cd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6ed6cdbe88334ca3430c5aee7754dc4597498dfb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/52fff5799e3d1b5803ecd2f5f19c13c65f4f7b23", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0830c5cf19bdec50d0ede4755ddc463663deb21c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/731ab1f9828800df871c5a7ab9ffe965317d3f15", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.274Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52640", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:52:10.390866Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:13.127Z"}}], "cna": {"title": "fs/ntfs3: Fix oob in ntfs_listxattr", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "a585faf05915", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "6ed6cdbe8833", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "52fff5799e3d", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "0830c5cf19bd", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "731ab1f98288", "versionType": "git"}], "programFiles": ["fs/ntfs3/xattr.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.15.150", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.80", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.19", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.7", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/ntfs3/xattr.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a585faf0591548fe0920641950ebfa8a6eefe1cd"}, {"url": "https://git.kernel.org/stable/c/6ed6cdbe88334ca3430c5aee7754dc4597498dfb"}, {"url": "https://git.kernel.org/stable/c/52fff5799e3d1b5803ecd2f5f19c13c65f4f7b23"}, {"url": "https://git.kernel.org/stable/c/0830c5cf19bdec50d0ede4755ddc463663deb21c"}, {"url": "https://git.kernel.org/stable/c/731ab1f9828800df871c5a7ab9ffe965317d3f15"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix oob in ntfs_listxattr\n\nThe length of name cannot exceed the space occupied by ea."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:50:15.829Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52640", "state": "PUBLISHED", "dateUpdated": "2024-11-04T14:50:15.829Z", "dateReserved": "2024-03-06T09:52:12.093Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-04-03T17:00:10.216Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"bugzilla": {"description": "kernel: fs/ntfs3: Fix oob in ntfs_listxattr", "id": "2273089", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273089"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nfs/ntfs3: Fix oob in ntfs_listxattr\nThe length of name cannot exceed the space occupied by ea.", "A vulnerability was found in the ntfs3 function in ntfs_list_ea() in the Linux kernel, where a missing check on the length of an attribute name could exceed the expected size of the extended attribute structure and cause an out-of-bounds error. This issue could result in memory corruption, data leakage, crashes, and arbitrary code execution."], "name": "CVE-2023-52640", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52640\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52640\nhttps://lore.kernel.org/linux-cve-announce/2024040355-CVE-2023-52640-2657@gregkh/T"], "statement": "Red Hat Enterprise Linux products are not affected by this vulnerability as Red Hat does not build or ship ntfs3 in any version of RHEL.", "threat_severity": "Moderate", "upstream_fix": "kernel 5.15.150, kernel 6.1.80, kernel 6.6.19, kernel 6.7.7, kernel 6.8"}