CVE-2023-2513

Published: May 8, 2023

Modified: Apr 23, 2025

PUBLISHED

Description

A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.

Vendor	Product	Versions
n/a	Linux kernel ext4 filesystem	affected `Fixed in kernel 6.0-rc1`

Weaknesses (CWE)

CWE-416

References

https://lore.kernel.org/all/20220616021358.2504451-1-libaokun1%40huawei.com/

https://github.com/torvalds/linux/commit/67d7d8ad99be

https://bugzilla.redhat.com/show_bug.cgi?id=2193097

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-2513

Description

Affected Products

Weaknesses (CWE)

References