exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

bind: "CVE-2023-52515"

exploitDog

bind: "CVE-2023-52515"

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 16

Количество 16

CVE-2023-52515

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.

CVSS3: 7.8

EPSS: Низкий

CVE-2023-52515

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.

CVSS3: 6

EPSS: Низкий

CVE-2023-52515

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.

CVSS3: 7.8

EPSS: Низкий

CVE-2023-52515

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: R ...

CVSS3: 7.8

EPSS: Низкий

GHSA-9mhh-v2w9-x3xj

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.

CVSS3: 7.8

EPSS: Низкий

BDU:2024-07819

почти 2 года назад

Уязвимость компонента RDMA/srp ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии

CVSS3: 8.8

EPSS: Низкий

ROS-20241003-01

9 месяцев назад

Множественные уязвимости kernel-lt

CVSS3: 8.8

EPSS: Низкий

SUSE-SU-2024:1321-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1466-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1322-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1480-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1490-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1646-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1870-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1648-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

SUSE-SU-2024:1643-1

около 1 года назад

Security update for the Linux Kernel

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2023-52515 In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.	CVSS3: 7.8	0% Низкий	больше 1 года назад
	CVE-2023-52515 In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.	CVSS3: 6	0% Низкий	больше 1 года назад
	CVE-2023-52515 In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.	CVSS3: 7.8	0% Низкий	больше 1 года назад
	CVE-2023-52515 In the Linux kernel, the following vulnerability has been resolved: R ...	CVSS3: 7.8	0% Низкий	больше 1 года назад
	GHSA-9mhh-v2w9-x3xj In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler callback, it performs one of the following actions: * Call scsi_queue_insert(). * Call scsi_finish_command(). * Call scsi_eh_scmd_add(). Hence, SCSI abort handlers must not call scsi_done(). Otherwise all the above actions would trigger a use-after-free. Hence remove the scsi_done() call from srp_abort(). Keep the srp_free_req() call before returning SUCCESS because we may not see the command again if SUCCESS is returned.	CVSS3: 7.8	0% Низкий	больше 1 года назад
	BDU:2024-07819 Уязвимость компонента RDMA/srp ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии	CVSS3: 8.8	0% Низкий	почти 2 года назад
	ROS-20241003-01 Множественные уязвимости kernel-lt	CVSS3: 8.8		9 месяцев назад
	SUSE-SU-2024:1321-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1466-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1322-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1480-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1490-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1646-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1870-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1648-1 Security update for the Linux Kernel			около 1 года назад
	SUSE-SU-2024:1643-1 Security update for the Linux Kernel			около 1 года назад

Уязвимостей на страницу