Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-5at1-tqba-6kfg
Vulnerability ID VCID-5at1-tqba-6kfg
Aliases CVE-2023-52590
Summary In the Linux kernel, the following vulnerability has been resolved: ocfs2: Avoid touching renamed directory if parent does not change The VFS will not be locking moved directory if its parent does not change. Change ocfs2 rename code to avoid touching renamed directory if its parent does not change as without locking that can corrupt the filesystem.
Status Published
Exploitability 0.5
Weighted Severity 6.4
Risk 3.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-413 Improper Resource Locking
System Score Found at
cvssv3 7.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52590.json
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2023-52590
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2023-52590
epss 8e-05 https://api.first.org/data/v1/epss?cve=CVE-2023-52590
cvssv3.1 4.4 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc Track https://git.kernel.org/stable/c/9d618d19b29c2943527e3a43da0a35aea91062fc
ssvc Track https://git.kernel.org/stable/c/de940cede3c41624e2de27f805b490999f419df9
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52590.json
https://api.first.org/data/v1/epss?cve=CVE-2023-52590
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52590
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2268325 https://bugzilla.redhat.com/show_bug.cgi?id=2268325
9d618d19b29c2943527e3a43da0a35aea91062fc https://git.kernel.org/stable/c/9d618d19b29c2943527e3a43da0a35aea91062fc
de940cede3c41624e2de27f805b490999f419df9 https://git.kernel.org/stable/c/de940cede3c41624e2de27f805b490999f419df9
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52590.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:55:58Z/ Found at https://git.kernel.org/stable/c/9d618d19b29c2943527e3a43da0a35aea91062fc
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T15:55:58Z/ Found at https://git.kernel.org/stable/c/de940cede3c41624e2de27f805b490999f419df9
Exploit Prediction Scoring System (EPSS)
Percentile 0.00769
EPSS Score 8e-05
Published At June 5, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T16:47:38.439680+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0