CVE-2023-54272 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix a possible null-pointer dereference in ni_clear() In a previous commit c1006bd13146, ni->mi.mrec in ni_write_inode() could be NULL, and thus a NULL check is added for this variable. However, in the same call stack, ni->mi.mrec can be also dereferenced in ni_clear(): ntfs_evict_inode(inode) ni_write_inode(inode, ...) ni = ntfs_i(inode); is_rec_inuse(ni->mi.mrec) -> Add a NULL check by previous commit ni_clear(ntfs_i(inode)) is_rec_inuse(ni->mi.mrec) -> No check Thus, a possible null-pointer dereference may exist in ni_clear(). To fix it, a NULL check is added in this function.

PUBLISHED Reserved 2025-12-30 | Published 2025-12-30 | Updated 2026-01-05 | Assigner Linux

Product status

Default status

unaffected

4342306f0f0d5ff4315a204d315c1b51b914fca5 (git) before 20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6

affected

4342306f0f0d5ff4315a204d315c1b51b914fca5 (git) before 39c6312009574ca73865354133ca222e7753a71b

affected

4342306f0f0d5ff4315a204d315c1b51b914fca5 (git) before e7675f85a92233136c630000a0b7cf97826705da

affected

4342306f0f0d5ff4315a204d315c1b51b914fca5 (git) before ec275bf9693d19cc0fdce8436f4c425ced86f6e7

affected

Default status

affected

5.15

affected

Any version before 5.15

unaffected

5.15.113 (semver)

unaffected

6.1.81 (semver)

unaffected

6.3.4 (semver)

unaffected

6.4 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/20f9bfc664d6a478f9a5bbc0c380f80f7a1a06c6

git.kernel.org/...c/39c6312009574ca73865354133ca222e7753a71b

git.kernel.org/...c/e7675f85a92233136c630000a0b7cf97826705da

git.kernel.org/...c/ec275bf9693d19cc0fdce8436f4c425ced86f6e7

cve.org (CVE-2023-54272)

nvd.nist.gov (CVE-2023-54272)

Download JSON

help @ threatint.eu