Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-53102

Опубликовано: 25 нояб. 2024
Источник: redhat
CVSS3: 4.7

Описание

[REJECTED CVE] A vulnerability in the Linux kernel's NVMe subsystem allowed a race condition between the fabric controller shutdown process and the asynchronous NVMe keep-alive operation, potentially leading to a use-after-free scenario and kernel crash. An attacker could exploit this by triggering frequent keep-alive requests while a fabric controller is shutting down, increasing the likelihood of accessing already-freed admin queue resources, causing system instability or denial of service.

Отчет

This CVE has been rejected upstream: https://lore.kernel.org/linux-cve-announce/2024121247-REJECTED-38fa@gregkh/

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelWill not fix
Red Hat Enterprise Linux 8kernel-rtWill not fix
Red Hat Enterprise Linux 9kernelAffected
Red Hat Enterprise Linux 9kernel-rtAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-362
https://bugzilla.redhat.com/show_bug.cgi?id=2328796kernel: nvme: make keep-alive synchronous operation

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-53102

ubuntu
около 1 года назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

nvd логотип

CVE-2024-53102

nvd
около 1 года назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

github логотип

GHSA-59xx-49pj-8gx8

github
около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: nvme: make keep-alive synchronous operation The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabric controller. This may lead to a race between the fabric controller admin queue destroy code path (invoked while shutting down controller) and hw/hctx queue dispatcher called from the nvme keep-alive async request queuing operation. This race could lead to the kernel crash shown below: Call Trace: autoremove_wake_function+0x0/0xbc (unreliable) __blk_mq_sched_dispatch_requests+0x114/0x24c blk_mq_sched_dispatch_requests+0x44/0x84 blk_mq_run_hw_queue+0x140/0x220 nvme_keep_alive_work+0xc8/0x19c [nvme_core] process_one_work+0x200/0x4e0 worker_thread+0x340/0x504 kthread+0x138/0x140 start_kernel_thread+0x14/0x18 While shutting down fabric controller, if nvme keep-alive request sneaks in then it would be flushed off. Th...

4.7 Medium

CVSS3