CVE-2023-52588

f2fs: fix to tag gcing flag on page during block migration

Description

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to tag gcing flag on page during block migration It needs to add missing gcing flag on page during block migration, in order to garantee migrated data be persisted during checkpoint, otherwise out-of-order persistency between data and node may cause data corruption after SPOR. Similar issue was fixed by commit 2d1fe8a86bf5 ("f2fs: fix to tag gcing flag on page during file defragment").

7.1
CVSS
Severity: High
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/7ea0f29d9fd84905051be020c0df7d557e286136 patch mailing list
https://git.kernel.org/stable/c/7c972c89457511007dfc933814c06786905e515c patch mailing list
https://git.kernel.org/stable/c/417b8a91f4e8831cadaf85c3f15c6991c1f54dde patch mailing list
https://git.kernel.org/stable/c/b8094c0f1aae329b1c60a275a780d6c2c9ff7aa3 patch mailing list
https://git.kernel.org/stable/c/4961acdd65c956e97c1a000c82d91a8c1cdbe44b patch mailing list

Frequently Asked Questions

What is the severity of CVE-2023-52588?
CVE-2023-52588 has been scored as a high severity vulnerability.
How to fix CVE-2023-52588?
To fix CVE-2023-52588, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52588 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52588 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52588?
CVE-2023-52588 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.