CVE-2023-3111

high

Description

A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().

References

https://www.debian.org/security/2023/dsa-5480

https://security.netapp.com/advisory/ntap-20230703-0007/

https://patchwork.kernel.org/project/linux-btrfs/patch/20220721074829.2905233-1-r33s3n6%40gmail.com/

https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html

https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html

Details

Source: Mitre, NVD

Published: 2023-06-05

Updated: 2023-11-07

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics