Name | CVE-2023-53473 |
Description | In the Linux kernel, the following vulnerability has been resolved: ext4: improve error handling from ext4_dirhash() The ext4_dirhash() will *almost* never fail, especially when the hash tree feature was first introduced. However, with the addition of support of encrypted, casefolded file names, that function can most certainly fail today. So make sure the callers of ext4_dirhash() properly check for failures, and reflect the errors back up to their callers. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The table below lists information on source packages.
Source Package | Release | Version | Status |
---|---|---|---|
linux (PTS) | bullseye | 5.10.223-1 | vulnerable |
bullseye (security) | 5.10.237-1 | vulnerable | |
bookworm | 6.1.148-1 | fixed | |
bookworm (security) | 6.1.153-1 | fixed | |
trixie | 6.12.43-1 | fixed | |
trixie (security) | 6.12.48-1 | fixed | |
forky | 6.16.8-1 | fixed | |
sid | 6.16.9-1 | fixed |
The information below is based on the following data on fixed versions.
Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
---|---|---|---|---|---|---|
linux | source | bookworm | 6.1.37-1 | |||
linux | source | (unstable) | 6.3.7-1 |
https://git.kernel.org/linus/4b3cb1d108bfc2aebb0d7c8a52261a53cf7f5786 (6.4-rc2)