CVE-2023-53269

Summary

In the Linux kernel, the following vulnerability has been resolved:

block: ublk: make sure that block size is set correctly

block size is one very key setting for block layer, and bad block size could panic kernel easily.

Make sure that block size is set correctly.

Meantime if ublk_validate_params() fails, clear ub->params so that disk is prevented from being added.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux71f28f3136aff5890cd56de78abc673f8393cad9 < 231a49460ac0203270da2471928d392e5586370faffected
LinuxLinux71f28f3136aff5890cd56de78abc673f8393cad9 < 9dbe85ac618ef6ae60abe5dd17ae2b29065d9c1eaffected
LinuxLinux71f28f3136aff5890cd56de78abc673f8393cad9 < 1d1665279a845d16c93687389e364386e3fe0f38affected
LinuxLinux6.0affected
LinuxLinux0 < 6.0unaffected
LinuxLinux6.1.24 <= 6.1.*unaffected
LinuxLinux6.2.11 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References