CVE-2023-3212: Null Pointer Dereference
First published: Mon Jun 12 2023(Updated: )
A flaw in the Linux Kernel found in the GFS2 file system. On corrupted gfs2 file systems the evict code can try to reference the journal descriptor structure, jdesc, after it has been freed and set to NULL. It can lead to null pointer dereference when gfs2_trans_begin being called and then fail ingfs2_evict_inode(). Reference: <a href="https://listman.redhat.com/archives/cluster-devel/2023-April/023914.html">https://listman.redhat.com/archives/cluster-devel/2023-April/023914.html</a>
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Linux kernel | <6.4 | |
| Linux Linux kernel | =6.4-rc1 | |
| Fedoraproject Fedora | =38 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| Debian Debian Linux | =11.0 | |
| Debian Debian Linux | =12.0 | |
| All of | ||
| Netapp H300s Firmware | ||
| Netapp H300s | ||
| All of | ||
| Netapp H500s Firmware | ||
| Netapp H500s | ||
| All of | ||
| Netapp H700s Firmware | ||
| Netapp H700s | ||
| All of | ||
| Netapp H410s Firmware | ||
| Netapp H410s | ||
| All of | ||
| Netapp H410c Firmware | ||
| Netapp H410c | ||
| IBM QRadar SIEM | <=7.5 - 7.5.0 UP8 IF01 | |
| redhat/kernel | <6.4 | 6.4 |
| debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.112-1 6.11.7-1 6.11.9-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2214348
- https://github.com/torvalds/linux/commit/504a10d9e46bc37b23d0a1ae2f28973c8516e636
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://security.netapp.com/advisory/ntap-20230929-0005/
- https://www.debian.org/security/2023/dsa-5448
- https://www.debian.org/security/2023/dsa-5480
- https://listman.redhat.com/archives/cluster-devel/2023-April/023914.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2214349
- https://access.redhat.com/errata/RHSA-2023:6583
- https://access.redhat.com/errata/RHSA-2023:6901
- https://access.redhat.com/errata/RHSA-2023:7077
- https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
- https://launchpad.net/bugs/cve/CVE-2023-3212
- https://exchange.xforce.ibmcloud.com/vulnerabilities/258885
- https://www.ibm.com/support/pages/node/7150684 (Advisory)
- https://git.kernel.org/linus/504a10d9e46bc37b23d0a1ae2f28973c8516e636
- https://security-tracker.debian.org/tracker/CVE-2023-3212
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3212
- https://nvd.nist.gov/vuln/detail/CVE-2023-3212
- https://ubuntu.com/security/CVE-2023-3212
- collector/nvd-index
- agent/type
- agent/remedy
- agent/first-publish-date
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-3212
- agent/software-canonical-lookup
- collector/launchpad-cve
- source/Launchpad
- agent/weakness
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup-request
- collector/nvd-api
- collector/ibm-support
- source/IBM
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/usn-cve
- source/Ubuntu
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/6.4-rc1
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/38
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- version/redhat enterprise linux/9.0
- package-manager/redhat
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- version/debian debian linux/11.0
- version/debian debian linux/12.0
- vendor/netapp
- canonical/netapp h300s firmware
- canonical/netapp h300s
- canonical/netapp h500s firmware
- canonical/netapp h500s
- canonical/netapp h700s firmware
- canonical/netapp h700s
- canonical/netapp h410s firmware
- canonical/netapp h410s
- canonical/netapp h410c firmware
- canonical/netapp h410c
- vendor/ibm
- canonical/ibm qradar siem
- version/ibm qradar siem/7.5 - 7.5.0 up8 if01
- package-manager/debian