U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2023-52748 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid format-overflow warning With gcc and W=1 option, there's a warning like this: fs/f2fs/compress.c: In function ‘f2fs_init_page_array_cache’: fs/f2fs/compress.c:1984:47: error: ‘%u’ directive writing between 1 and 7 bytes into a region of size between 5 and 8 [-Werror=format-overflow=] 1984 | sprintf(slab_name, "f2fs_page_array_entry-%u:%u", MAJOR(dev), MINOR(dev)); | ^~ String "f2fs_page_array_entry-%u:%u" can up to 35. The first "%u" can up to 4 and the second "%u" can up to 7, so total size is "24 + 4 + 7 = 35". slab_name's size should be 35 rather than 32.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f
https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f
https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79
https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79
https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00
https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00
https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f
https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f
https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063
https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063
https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9
https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9

Weakness Enumeration

CWE-ID CWE Name Source

Change History

3 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2023-52748
NVD Published Date:
05/21/2024
NVD Last Modified:
11/21/2024
Source:
kernel.org