retired/CVE-2023-3212


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: gfs2: Don't deref jdesc in evict
References:
 https://bugzilla.redhat.com/show_bug.cgi?id=2214348
Notes:
 bwh> This affects 4.19 and it's actually worse - a UAF rather than NPE.
 bwh> It needs at least part of commit 601ef0d52e96 "gfs2: Force
 bwh> withdraw to replay journals and wait for it to finish" as well.
Bugs:
upstream: released (6.4-rc2) [504a10d9e46bc37b23d0a1ae2f28973c8516e636]
6.1-upstream-stable: released (6.1.33) [5ae4a618a1558d2b536fdd5d42e53d3e2d73870c]
5.10-upstream-stable: released (5.10.183) [d03d31d3a206093b9b8759dddf0ba9bd843606ba]
4.19-upstream-stable: released (4.19.291) [d3af9cea9a1ce56f427e41e5ffcdafe9280f099f]
sid: released (6.3.7-1)
6.1-bookworm-security: released (6.1.37-1)
5.10-bullseye-security: released (5.10.191-1)
4.19-buster-security: released (4.19.304-1)