CVE-2023-53137

In the Linux kernel, the following vulnerability has been resolved:

ext4: Fix possible corruption when moving a directory

When we are renaming a directory to a different directory, we need to
update '..' entry in the moved directory. However nothing prevents moved
directory from being modified and even converted from the inline format
to the normal format. When such race happens the rename code gets
confused and we crash. Fix the problem by locking the moved directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.129-1
fixed
bookworm (security)
6.1.135-1
fixed
trixie
6.12.22-1
fixed
sid
6.12.25-1
fixed
References
https://git.kernel.org/stable/c/0813299c586b175d7edb25f56412c54b812d0379
https://git.kernel.org/stable/c/0c440f14558bfacd22c6935ae1fd4b2a09e96b5d
https://git.kernel.org/stable/c/291cd19d107e197306869cb3237c1bba62d13182
https://git.kernel.org/stable/c/8dac5a63cf79707b547ea3d425fead5f4482198f
https://git.kernel.org/stable/c/b0bb13612292ca90fa4c2a7e425375649bc50d3e
https://git.kernel.org/stable/c/c50fc503ee1b97f12c98e26afc39fdaebebcf04f