CVE-2023-53508
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
ublk: fail to start device if queue setup is interrupted
In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_CMD_START_DEV, otherwise kernel oops can be triggered.
Reported by German when working on qemu-storage-deamon which requires single thread ublk daemon.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 71f28f3136aff5890cd56de78abc673f8393cad9 < 0d5916c439574b18a0734872daa0022b3d6105ad | affected |
| Linux | Linux | 71f28f3136aff5890cd56de78abc673f8393cad9 < 6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd | affected |
| Linux | Linux | 71f28f3136aff5890cd56de78abc673f8393cad9 < 53e7d08f6d6e214c40db1f51291bb2975c789dc2 | affected |
| Linux | Linux | 6.0 | affected |
| Linux | Linux | 0 < 6.0 | unaffected |
| Linux | Linux | 6.1.43 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.8 <= 6.4.* | unaffected |
| Linux | Linux | 6.5 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/0d5916c439574b18a0734872daa0022b3d6105ad
- https://git.kernel.org/stable/c/6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd
- https://git.kernel.org/stable/c/53e7d08f6d6e214c40db1f51291bb2975c789dc2
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.