{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52682", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-07T14:49:46.887Z", "datePublished": "2024-05-17T14:24:45.345Z", "dateUpdated": "2025-05-04T07:41:27.856Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:41:27.856Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to wait on block writeback for post_read case\n\nIf inode is compressed, but not encrypted, it missed to call\nf2fs_wait_on_block_writeback() to wait for GCed page writeback\nin IPU write path.\n\nThread A\t\t\t\tGC-Thread\n\t\t\t\t\t- f2fs_gc\n\t\t\t\t\t - do_garbage_collect\n\t\t\t\t\t - gc_data_segment\n\t\t\t\t\t - move_data_block\n\t\t\t\t\t - f2fs_submit_page_write\n\t\t\t\t\t migrate normal cluster's block via\n\t\t\t\t\t meta_inode's page cache\n- f2fs_write_single_data_page\n - f2fs_do_write_data_page\n - f2fs_inplace_write_data\n - f2fs_submit_page_bio\n\nIRQ\n- f2fs_read_end_io\n\t\t\t\t\tIRQ\n\t\t\t\t\told data overrides new data due to\n\t\t\t\t\tout-of-order GC and common IO.\n\t\t\t\t\t- f2fs_read_end_io"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/data.c"], "versions": [{"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "9bfd5ea71521d0e522ba581c6ccc5db93759c0c3", "status": "affected", "versionType": "git"}, {"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "4535be48780431753505e74e1b1ad4836a189bc2", "status": "affected", "versionType": "git"}, {"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "f904c156d8011d8291ffd5b6b398f3747e294986", "status": "affected", "versionType": "git"}, {"version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/data.c"], "versions": [{"version": "5.6", "status": "affected"}, {"version": "0", "lessThan": "5.6", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.75", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.14", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.2", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.1.75"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.6.14"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.7.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.8"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3"}, {"url": "https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2"}, {"url": "https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986"}, {"url": "https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00"}], "title": "f2fs: fix to wait on block writeback for post_read case", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52682", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T19:39:15.342278Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:23:15.749Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:34.506Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:34.506Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52682", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T19:39:15.342278Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:39:20.454Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "f2fs: fix to wait on block writeback for post_read case", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "9bfd5ea71521d0e522ba581c6ccc5db93759c0c3", "versionType": "git"}, {"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "4535be48780431753505e74e1b1ad4836a189bc2", "versionType": "git"}, {"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "f904c156d8011d8291ffd5b6b398f3747e294986", "versionType": "git"}, {"status": "affected", "version": "4c8ff7095bef64fc47e996a938f7d57f9e077da3", "lessThan": "55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00", "versionType": "git"}], "programFiles": ["fs/f2fs/data.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.6"}, {"status": "unaffected", "version": "0", "lessThan": "5.6", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.75", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.14", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.2", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["fs/f2fs/data.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3"}, {"url": "https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2"}, {"url": "https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986"}, {"url": "https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to wait on block writeback for post_read case\n\nIf inode is compressed, but not encrypted, it missed to call\nf2fs_wait_on_block_writeback() to wait for GCed page writeback\nin IPU write path.\n\nThread A\t\t\t\tGC-Thread\n\t\t\t\t\t- f2fs_gc\n\t\t\t\t\t - do_garbage_collect\n\t\t\t\t\t - gc_data_segment\n\t\t\t\t\t - move_data_block\n\t\t\t\t\t - f2fs_submit_page_write\n\t\t\t\t\t migrate normal cluster's block via\n\t\t\t\t\t meta_inode's page cache\n- f2fs_write_single_data_page\n - f2fs_do_write_data_page\n - f2fs_inplace_write_data\n - f2fs_submit_page_bio\n\nIRQ\n- f2fs_read_end_io\n\t\t\t\t\tIRQ\n\t\t\t\t\told data overrides new data due to\n\t\t\t\t\tout-of-order GC and common IO.\n\t\t\t\t\t- f2fs_read_end_io"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.75", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.14", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7.2", "versionStartIncluding": "5.6"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8", "versionStartIncluding": "5.6"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:41:27.856Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52682", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:41:27.856Z", "dateReserved": "2024-03-07T14:49:46.887Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T14:24:45.345Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "13605B12-370B-4461-98FF-513B221402E5", "versionEndExcluding": "6.1.75", "versionStartIncluding": "5.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C6B50A6-3D8B-4CE2-BDCC-A098609CBA14", "versionEndExcluding": "6.6.14", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7229C448-E0C9-488B-8939-36BA5254065E", "versionEndExcluding": "6.7.2", "versionStartIncluding": "6.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to wait on block writeback for post_read case\n\nIf inode is compressed, but not encrypted, it missed to call\nf2fs_wait_on_block_writeback() to wait for GCed page writeback\nin IPU write path.\n\nThread A\t\t\t\tGC-Thread\n\t\t\t\t\t- f2fs_gc\n\t\t\t\t\t - do_garbage_collect\n\t\t\t\t\t - gc_data_segment\n\t\t\t\t\t - move_data_block\n\t\t\t\t\t - f2fs_submit_page_write\n\t\t\t\t\t migrate normal cluster's block via\n\t\t\t\t\t meta_inode's page cache\n- f2fs_write_single_data_page\n - f2fs_do_write_data_page\n - f2fs_inplace_write_data\n - f2fs_submit_page_bio\n\nIRQ\n- f2fs_read_end_io\n\t\t\t\t\tIRQ\n\t\t\t\t\told data overrides new data due to\n\t\t\t\t\tout-of-order GC and common IO.\n\t\t\t\t\t- f2fs_read_end_io"}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: f2fs: correcci\u00f3n para esperar en la reescritura del bloque para el caso post_read. Si el inodo est\u00e1 comprimido, pero no encriptado, no llam\u00f3 a f2fs_wait_on_block_writeback() para esperar la reescritura de la p\u00e1gina GCed en la ruta de escritura de la IPU. Subproceso A GC-Thread - f2fs_gc - do_garbage_collect - gc_data_segment - move_data_block - f2fs_submit_page_write migra el bloque del cl\u00faster normal a trav\u00e9s del cach\u00e9 de p\u00e1gina de meta_inode - f2fs_write_single_data_page - f2fs_do_write_data_page - f2fs_inplace_write_data - f2fs_submit_page_bio IRQ - fs_read_end_io Los datos antiguos de IRQ anulan los datos nuevos debido a GC desordenado y com\u00fan O\u00cd. - f2fs_read_end_io"}], "id": "CVE-2023-52682", "lastModified": "2025-09-19T18:45:46.573", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-17T15:15:19.427", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4535be48780431753505e74e1b1ad4836a189bc2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/55fdc1c24a1d6229fe0ecf31335fb9a2eceaaa00"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9bfd5ea71521d0e522ba581c6ccc5db93759c0c3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f904c156d8011d8291ffd5b6b398f3747e294986"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: f2fs: fix to wait on block writeback for post_read case", "id": "2281319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281319"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nf2fs: fix to wait on block writeback for post_read case\nIf inode is compressed, but not encrypted, it missed to call\nf2fs_wait_on_block_writeback() to wait for GCed page writeback\nin IPU write path.\nThread AGC-Thread\n- f2fs_gc\n- do_garbage_collect\n- gc_data_segment\n- move_data_block\n- f2fs_submit_page_write\nmigrate normal cluster's block via\nmeta_inode's page cache\n- f2fs_write_single_data_page\n- f2fs_do_write_data_page\n- f2fs_inplace_write_data\n- f2fs_submit_page_bio\nIRQ\n- f2fs_read_end_io\nIRQ\nold data overrides new data due to\nout-of-order GC and common IO.\n- f2fs_read_end_io", "A vulnerability was found in the Linux kernel's Flash-Friendly File System (F2FS) implementation. This issue arises from a failure to wait for block writeback in the post-read case, which could lead to data corruption or inconsistencies."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-52682", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52682\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52682\nhttps://lore.kernel.org/linux-cve-announce/2024051751-CVE-2023-52682-fae2@gregkh/T"], "statement": "Red Hat Enterprise Linux is not vulnerable to this CVE, as it does not affect the versions or configurations of the Linux kernel used in its distributions.", "threat_severity": "Moderate"}

{"created": "2025-07-13T11:21:53.125621+00:00", "updated": "2025-07-13T11:21:53.125693+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}