CVE-2023-52837

Опубликовано: 21 мая 2024

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

nbd: fix uaf in nbd_open

Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk and blk_cleanup_disk") cleans up disk by blk_cleanup_disk() and it won't set disk->private_data as NULL as before. UAF may be triggered in nbd_open() if someone tries to open nbd device right after nbd_put() since nbd has been free in nbd_dev_remove().

Fix this by implementing ->free_disk and free private data in it.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.14 (включая) до 6.1.63 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.5.12 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.6 (включая) до 6.6.2 (исключая)

EPSS

Процентиль: 16%

0.0005

Низкий

7.8 High

CVSS3

Дефекты

CWE-416

Связанные уязвимости

CVE-2023-52837

CVSS3: 7.8

ubuntu

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk and blk_cleanup_disk") cleans up disk by blk_cleanup_disk() and it won't set disk->private_data as NULL as before. UAF may be triggered in nbd_open() if someone tries to open nbd device right after nbd_put() since nbd has been free in nbd_dev_remove(). Fix this by implementing ->free_disk and free private data in it.

CVE-2023-52837

CVSS3: 4.4

redhat

около 1 года назад

CVE-2023-52837

CVSS3: 7.8

debian

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: n ...

GHSA-hgcx-34qp-j38m

CVSS3: 7.8

github

около 1 года назад

SUSE-SU-2024:2495-1

suse-cvrf

11 месяцев назад

Security update for the Linux Kernel

EPSS

Процентиль: 16%

0.0005

Низкий

7.8 High

CVSS3

Дефекты

CWE-416