{"id":"CVE-2023-52852","summary":"f2fs: compress: fix to avoid use-after-free on dic","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: compress: fix to avoid use-after-free on dic\n\nCall trace:\n __memcpy+0x128/0x250\n f2fs_read_multi_pages+0x940/0xf7c\n f2fs_mpage_readpages+0x5a8/0x624\n f2fs_readahead+0x5c/0x110\n page_cache_ra_unbounded+0x1b8/0x590\n do_sync_mmap_readahead+0x1dc/0x2e4\n filemap_fault+0x254/0xa8c\n f2fs_filemap_fault+0x2c/0x104\n __do_fault+0x7c/0x238\n do_handle_mm_fault+0x11bc/0x2d14\n do_mem_abort+0x3a8/0x1004\n el0_da+0x3c/0xa0\n el0t_64_sync_handler+0xc4/0xec\n el0t_64_sync+0x1b4/0x1b8\n\nIn f2fs_read_multi_pages(), once f2fs_decompress_cluster() was called if\nwe hit cached page in compress_inode's cache, dic may be released, it needs\nbreak the loop rather than continuing it, in order to avoid accessing\ninvalid dic pointer.","modified":"2026-04-02T09:43:24.253116Z","published":"2024-05-21T15:31:47.889Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52852.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/8c4504cc0c64862740a6acb301e0cfa59580dbc5"},{"type":"WEB","url":"https://git.kernel.org/stable/c/932ddb5c29e884cc6fac20417ece72ba4a35c401"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9375ea7f269093d7c884857ae1f47633a91f429c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b0327c84e91a0f4f0abced8cb83ec86a7083f086"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52852.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52852"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6ce19aff0b8cd386860855185c6cd79337fc4d2b"},{"fixed":"8c4504cc0c64862740a6acb301e0cfa59580dbc5"},{"fixed":"9375ea7f269093d7c884857ae1f47633a91f429c"},{"fixed":"932ddb5c29e884cc6fac20417ece72ba4a35c401"},{"fixed":"9d065aa52b6ee1b06f9c4eca881c9b4425a12ba2"},{"fixed":"b0327c84e91a0f4f0abced8cb83ec86a7083f086"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"a23706426da9b611be5beae0f3faa260fb453b4e"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52852.json"}}],"schema_version":"1.7.5"}