QwikSec

Security Database

CVE

CWE

Training

CVE-2023-37454

Published: Jul 6, 2023

Modified: Nov 20, 2024

PUBLISHED

Description

An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://lore.kernel.org/all/00000000000056e02f05dfb6e11a%40google.com/T/

https://syzkaller.appspot.com/bug?extid=60864ed35b1073540d57

https://syzkaller.appspot.com/bug?extid=61564e5023b7229ec85d

https://syzkaller.appspot.com/bug?extid=26873a72980f8fa8bc55

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-37454

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6f861765464f43a71462d52026fbddfc858239a5

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2023-37454 - Security Vulnerability | QwikSec