CVE-2023-52852

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a use-after-free vulnerability in the f2fs read multi pages() function. When f2fs decompress cluster() is called and a cached page is hit in compress inode's cache, the dic may be released. To avoid accessing an invalid dic pointer, the loop needs to be broken rather than continued. This vulnerability may allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.