CVE-2023-52748 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid format-overflow warning With gcc and W=1 option, there's a warning like this: fs/f2fs/compress.c: In function ‘f2fs_init_page_array_cache’: fs/f2fs/compress.c:1984:47: error: ‘%u’ directive writing between 1 and 7 bytes into a region of size between 5 and 8 [-Werror=format-overflow=] 1984 | sprintf(slab_name, "f2fs_page_array_entry-%u:%u", MAJOR(dev), MINOR(dev)); | ^~ String "f2fs_page_array_entry-%u:%u" can up to 35. The first "%u" can up to 4 and the second "%u" can up to 7, so total size is "24 + 4 + 7 = 35". slab_name's size should be 35 rather than 32.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f
https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79
https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00
https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f
https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063
https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9
https://lore.kernel.org/linux-cve-announce/2024052143-CVE-2023-52748-577d@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52748
https://www.cve.org/CVERecord?id=CVE-2023-52748

History

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T15:30:38.229Z

Updated: 2024-09-11T17:33:33.570Z

Reserved: 2024-05-21T15:19:24.234Z

Link: CVE-2023-52748

Vulnrichment

Updated: 2024-09-11T12:42:17.317Z

NVD

Status : Awaiting Analysis

Published: 2024-05-21T16:15:14.517

Modified: 2024-05-21T16:53:56.550

Link: CVE-2023-52748

Redhat

Severity : Low

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2023-52748 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52748", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.234Z", "datePublished": "2024-05-21T15:30:38.229Z", "dateUpdated": "2024-09-11T17:33:33.570Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:16:37.260Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: avoid format-overflow warning\n\nWith gcc and W=1 option, there's a warning like this:\n\nfs/f2fs/compress.c: In function \u2018f2fs_init_page_array_cache\u2019:\nfs/f2fs/compress.c:1984:47: error: \u2018%u\u2019 directive writing between\n1 and 7 bytes into a region of size between 5 and 8\n[-Werror=format-overflow=]\n 1984 | sprintf(slab_name, \"f2fs_page_array_entry-%u:%u\", MAJOR(dev),\n\t\tMINOR(dev));\n | ^~\n\nString \"f2fs_page_array_entry-%u:%u\" can up to 35. The first \"%u\" can up\nto 4 and the second \"%u\" can up to 7, so total size is \"24 + 4 + 7 = 35\".\nslab_name's size should be 35 rather than 32."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/compress.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "c041f5ddef00", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "e4088d7d8f11", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "526dd7540a09", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6fca08fd3085", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "3eebe636cac5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "e0d4e8acb378", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/compress.c"], "versions": [{"version": "5.10.202", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.140", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.64", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.5.13", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.3", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f"}, {"url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9"}, {"url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79"}, {"url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00"}, {"url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f"}, {"url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063"}], "title": "f2fs: avoid format-overflow warning", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:35.561Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52748", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:37:22.209174Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:33.570Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52748", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.234Z", "datePublished": "2024-05-21T15:30:38.229Z", "dateUpdated": "2024-08-02T23:11:35.561Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:16:37.260Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: avoid format-overflow warning\n\nWith gcc and W=1 option, there's a warning like this:\n\nfs/f2fs/compress.c: In function \u2018f2fs_init_page_array_cache\u2019:\nfs/f2fs/compress.c:1984:47: error: \u2018%u\u2019 directive writing between\n1 and 7 bytes into a region of size between 5 and 8\n[-Werror=format-overflow=]\n 1984 | sprintf(slab_name, \"f2fs_page_array_entry-%u:%u\", MAJOR(dev),\n\t\tMINOR(dev));\n | ^~\n\nString \"f2fs_page_array_entry-%u:%u\" can up to 35. The first \"%u\" can up\nto 4 and the second \"%u\" can up to 7, so total size is \"24 + 4 + 7 = 35\".\nslab_name's size should be 35 rather than 32."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/compress.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "c041f5ddef00", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "e4088d7d8f11", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "526dd7540a09", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "6fca08fd3085", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "3eebe636cac5", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "e0d4e8acb378", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/f2fs/compress.c"], "versions": [{"version": "5.10.202", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.140", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.64", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.5.13", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.3", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f"}, {"url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9"}, {"url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79"}, {"url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00"}, {"url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f"}, {"url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063"}], "title": "f2fs: avoid format-overflow warning", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52748", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:37:22.209174Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-09-11T12:42:17.317Z"}, "title": "CISA ADP Vulnrichment"}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: avoid format-overflow warning\n\nWith gcc and W=1 option, there's a warning like this:\n\nfs/f2fs/compress.c: In function \u2018f2fs_init_page_array_cache\u2019:\nfs/f2fs/compress.c:1984:47: error: \u2018%u\u2019 directive writing between\n1 and 7 bytes into a region of size between 5 and 8\n[-Werror=format-overflow=]\n 1984 | sprintf(slab_name, \"f2fs_page_array_entry-%u:%u\", MAJOR(dev),\n\t\tMINOR(dev));\n | ^~\n\nString \"f2fs_page_array_entry-%u:%u\" can up to 35. The first \"%u\" can up\nto 4 and the second \"%u\" can up to 7, so total size is \"24 + 4 + 7 = 35\".\nslab_name's size should be 35 rather than 32."}, {"lang": "es", "value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: f2fs: evitar aviso de desbordamiento de formato. Con la opci\u00f3n gcc y W=1, aparece un aviso como este: fs/f2fs/compress.c: En la funci\u00f3n 'f2fs_init_page_array_cache': fs/f2fs /compress.c:1984:47: error: directiva '%u' escribiendo entre 1 y 7 bytes en una regi\u00f3n de tama\u00f1o entre 5 y 8 [-Werror=format-overflow=] 1984 | sprintf(slab_name, \"f2fs_page_array_entry-%u:%u\", MAJOR(dev), MINOR(dev)); | ^~ La cadena \"f2fs_page_array_entry-%u:%u\" puede tener hasta 35. El primer \"%u\" puede tener hasta 4 y el segundo \"%u\" puede hasta 7, por lo que el tama\u00f1o total es \"24 + 4 + 7 = 35\". El tama\u00f1o de slab_name debe ser 35 en lugar de 32."}], "id": "CVE-2023-52748", "lastModified": "2024-05-21T16:53:56.550", "metrics": {}, "published": "2024-05-21T16:15:14.517", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: f2fs: avoid format-overflow warning", "id": "2282633", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282633"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-121", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nf2fs: avoid format-overflow warning\nWith gcc and W=1 option, there's a warning like this:\nfs/f2fs/compress.c: In function \u2018f2fs_init_page_array_cache\u2019:\nfs/f2fs/compress.c:1984:47: error: \u2018%u\u2019 directive writing between\n1 and 7 bytes into a region of size between 5 and 8\n[-Werror=format-overflow=]\n1984 | sprintf(slab_name, \"f2fs_page_array_entry-%u:%u\", MAJOR(dev),\nMINOR(dev));\n| ^~\nString \"f2fs_page_array_entry-%u:%u\" can up to 35. The first \"%u\" can up\nto 4 and the second \"%u\" can up to 7, so total size is \"24 + 4 + 7 = 35\".\nslab_name's size should be 35 rather than 32."], "name": "CVE-2023-52748", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52748\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52748\nhttps://lore.kernel.org/linux-cve-announce/2024052143-CVE-2023-52748-577d@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.10.202, kernel 5.15.140, kernel 6.1.64, kernel 6.5.13, kernel 6.6.3, kernel 6.7"}