CVE-2023-53786

Summary

In the Linux kernel, the following vulnerability has been resolved:

dm flakey: fix a crash with invalid table line

This command will crash with NULL pointer dereference: dmsetup create flakey –table
"0 blockdev --getsize /dev/ram0 flakey /dev/ram0 0 0 1 2 corrupt_bio_byte 512"

Fix the crash by checking if arg_name is non-NULL before comparing it.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < f95cb1526669ccdf7eb12eefd57a893953e3595faffected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < 12849ed107c0b2869fb775c81208050899006f07affected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < 337b7af273562b73c46ef77a724604ad139ca762affected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < a1e3fffe02e05c05357af91364ac0fc1ed425b5baffected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < f76fcb9d43ec014ac4a1bb983768696d5b032df9affected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < cb874a190f3f7c3c3fa5b979bee7a3b8cc3a19ccaffected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < 83b4e3d878ea6be9aec1d5a1ab177c766c64d1a0affected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < 8258d84a7917aeece773716518deadb7ad776cb7affected
LinuxLinuxa3998799fb4df0b0af8271a7d50c4269032397aa < 98dba02d9a93eec11bffbb93c7c51624290702d2affected
LinuxLinux3.1affected
LinuxLinux0 < 3.1unaffected
LinuxLinux4.14.315 <= 4.14.*unaffected
LinuxLinux4.19.283 <= 4.19.*unaffected
LinuxLinux5.4.243 <= 5.4.*unaffected
LinuxLinux5.10.180 <= 5.10.*unaffected
LinuxLinux5.15.111 <= 5.15.*unaffected
LinuxLinux6.1.28 <= 6.1.*unaffected
LinuxLinux6.2.15 <= 6.2.*unaffected
LinuxLinux6.3.2 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References