CVE-2023-52748

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a format-overflow warning in the f2fs component of the Linux kernel. The warning occurs when using the gcc compiler with the W=1 option. The problem is in the f2fs init page array cache function, where the sprintf function writes between 1 and 7 bytes into a region of size between 5 and 8. The string "f2fs page array entry-%u:%u" can be up to 35 characters long, but the slab name buffer is only 32 characters long. This could potentially lead to a buffer overflow. The vulnerability may allow an attacker to access confidential information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.