{"id":"CVE-2023-52760","summary":"gfs2: Fix slab-use-after-free in gfs2_qd_dealloc","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix slab-use-after-free in gfs2_qd_dealloc\n\nIn gfs2_put_super(), whether withdrawn or not, the quota should\nbe cleaned up by gfs2_quota_cleanup().\n\nOtherwise, struct gfs2_sbd will be freed before gfs2_qd_dealloc (rcu\ncallback) has run for all gfs2_quota_data objects, resulting in\nuse-after-free.\n\nAlso, gfs2_destroy_threads() and gfs2_quota_cleanup() is already called\nby gfs2_make_fs_ro(), so in gfs2_put_super(), after calling\ngfs2_make_fs_ro(), there is no need to call them again.","modified":"2026-04-02T09:43:19.097050Z","published":"2024-05-21T15:30:46.427Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52760.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/08a28272faa750d4357ea2cb48d2baefd778ea81"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7ad4e0a4f61c57c3ca291ee010a9d677d0199fba"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bdcb8aa434c6d36b5c215d02a9ef07551be25a37"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52760.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52760"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f66af88e33212b57ea86da2c5d66c0d9d5c46344"},{"fixed":"08a28272faa750d4357ea2cb48d2baefd778ea81"},{"fixed":"bdcb8aa434c6d36b5c215d02a9ef07551be25a37"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52760.json"}}],"schema_version":"1.7.5"}