Home > Vulnerability Database > CVE-2023-3212

Mend.io Vulnerability Database

CVE-2023-3212

Good to know:

Date: June 23, 2023

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.

Language: C

Severity Score

4.4

Related Resources (10)

Url: https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html

Url: https://github.com/torvalds/linux/commit/504a10d9e46bc37b23d0a1ae2f28973c8516e636

Url: https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

Url: https://www.debian.org/security/2023/dsa-5480

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-3212

Url: https://security.netapp.com/advisory/ntap-20230929-0005/

Url: https://access.redhat.com/security/cve/CVE-2023-3212

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2214348

Url: https://www.debian.org/security/2023/dsa-5448

Url: https://www.mend.io/vulnerability-database/CVE-2023-3212

Severity Score

4.4

Weakness Type (CWE)

NULL Pointer Dereference

CWE-476

Top Fix

Upgrade Version

Upgrade to version 5.10.183,5.15.116,6.1.33

Learn More

CVSS v3.1

Base Score:	4.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	HIGH
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2023-3212

Good to know:

Date: June 23, 2023

Language: C

Severity Score

Related Resources (10)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?