CVE-2023-52583

Sažetak

In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we should always make sure that the parent get the lock first. But since this deadcode is never used and the parent dir will always be set from the callers, let's just remove it.

Reference

https://git.kernel.org/stable/c/196b87e5c00ce021e164a5de0f0d04f4116a9160
https://git.kernel.org/stable/c/6ab4fd508fad942f1f1ba940492f2735e078e980
https://git.kernel.org/stable/c/76cb2aa3421fee4fde706dec41b1344bc0a9ad67
https://git.kernel.org/stable/c/7f2649c94264d00df6b6ac27161e9f4372a3450e
https://git.kernel.org/stable/c/a9c15d6e8aee074fae66c04d114f20b84274fcca
https://git.kernel.org/stable/c/b493ad718b1f0357394d2cdecbf00a44a36fa085
https://git.kernel.org/stable/c/e016e358461b89b231626fcf78c5c38e35c44fd3
https://git.kernel.org/stable/c/eb55ba8aa7fb7aad54f40fbf4d8dcdfdba0bebf6
https://git.kernel.org/stable/c/196b87e5c00ce021e164a5de0f0d04f4116a9160
https://git.kernel.org/stable/c/6ab4fd508fad942f1f1ba940492f2735e078e980
https://git.kernel.org/stable/c/76cb2aa3421fee4fde706dec41b1344bc0a9ad67
https://git.kernel.org/stable/c/7f2649c94264d00df6b6ac27161e9f4372a3450e
https://git.kernel.org/stable/c/a9c15d6e8aee074fae66c04d114f20b84274fcca
https://git.kernel.org/stable/c/b493ad718b1f0357394d2cdecbf00a44a36fa085
https://git.kernel.org/stable/c/e016e358461b89b231626fcf78c5c38e35c44fd3
https://git.kernel.org/stable/c/eb55ba8aa7fb7aad54f40fbf4d8dcdfdba0bebf6
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

03-02-2025 - 14:18

Objavljeno

06-03-2024 - 07:15