CVE-2023-52444

Severity CVSS v4.0: Pending analysis
Type: CWE-119 Buffer Errors
Publication date: 22/02/2024
Last modified: 04/11/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

f2fs: fix to avoid dirent corruption

As Al reported in link[1]:

f2fs_rename()
...
    if (old_dir != new_dir && !whiteout)
        f2fs_set_link(old_inode, old_dir_entry,
                    old_dir_page, new_dir);
    else
        f2fs_put_page(old_dir_page, 0);

You want correct inumber in the ".." link. And cross-directory
rename does move the source to new parent, even if you'd been asked
to leave a whiteout in the old place.

[1] https://lore.kernel.org/all/20231017055040.GN800259@ZenIV/

With below testcase, it may cause dirent corruption, due to it missed
to call f2fs_set_link() to update ".." link to new directory.
- mkdir -p dir/foo
- renameat2 -w dir/foo bar

[ASSERT] (__chk_dots_dentries:1421) --> Bad inode number[0x4] for '..', parent parent ino is [0x3]
[FSCK] other corrupted bugs [Fail]
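The condition quoted above and its effect on the testcase, as an added example that is not kernel or f2fs code: a simplified in-memory model that replays the rename under each condition and checks the ".." invariant that the fsck assertion reports. The names `struct dir`, `model_rename`, `rule_reported` and `rule_corrected` are hypothetical, and the corrected condition is an assumption drawn from the description's statement that a cross-directory rename moves the source even when a whiteout is requested.

```c
/* Simplified in-memory model of the quoted condition; not f2fs code. */
#include <stdbool.h>
#include <stdio.h>

struct dir {
    unsigned ino;        /* inode number of this directory */
    unsigned dotdot_ino; /* inode number recorded in its ".." entry */
    struct dir *parent;  /* directory that really contains it */
};

typedef bool (*relink_rule)(const struct dir *, const struct dir *, bool);

/* Condition quoted in the advisory: a whiteout suppresses the ".." update. */
static bool rule_reported(const struct dir *old_dir, const struct dir *new_dir, bool whiteout)
{
    return old_dir != new_dir && !whiteout;
}

/* Assumed corrected condition: any cross-directory move rewrites "..". */
static bool rule_corrected(const struct dir *old_dir, const struct dir *new_dir, bool whiteout)
{
    (void)whiteout;
    return old_dir != new_dir;
}

static void model_rename(struct dir *src, struct dir *new_dir, bool whiteout, relink_rule rule)
{
    if (rule(src->parent, new_dir, whiteout))
        src->dotdot_ino = new_dir->ino; /* stands in for f2fs_set_link() */
    src->parent = new_dir;              /* the move happens either way */
}

/* Invariant behind the fsck assertion: ".." must name the real parent. */
static bool dotdot_consistent(const struct dir *d) { return d->dotdot_ino == d->parent->ino; }

/* Replays "mkdir -p dir/foo; renameat2 [-w] dir/foo bar" on the model. */
static bool replay_testcase(relink_rule rule, bool whiteout)
{
    struct dir root = { 3, 3, &root };  /* 0x3 and 0x4 match the fsck output */
    struct dir dir  = { 4, 3, &root };
    struct dir foo  = { 5, 4, &dir };   /* 5 is a constructed value */
    model_rename(&foo, &root, whiteout, rule);
    return dotdot_consistent(&foo);
}

int main(void)
{
    printf("reported: %d, corrected: %d (1 means \"..\" is consistent)\n",
           replay_testcase(rule_reported, true), replay_testcase(rule_corrected, true));
    return 0;
}
```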

Vulnerable products and versions

CPE | From | Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.2.0 (including) | 4.19.306 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.268 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5.0 (including) | 5.10.209 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11.0 (including) | 5.15.148 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16.0 (including) | 6.1.75 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2.0 (including) | 6.6.14 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7.0 (including) | 6.7.2 (excluding)