CVE-2023-52787

May 21, 2024, 4:53 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling profile->complete_fn, then kernel panic. Another constraint is that bio_integrity_prep() needs to be called before bio merge. Fix the issue by: - call bio_integrity_prep() with one queue usage counter grabbed reliably - call bio_integrity_prep() before bio merge

Product(s) Impacted

Product Versions
Linux Kernel

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/b0077e269f6c152e807fdac90b58caf012cdbaab
https://git.kernel.org/stable/c/b5c8e0ff76d10f6bf70a7237678f27c20cf59bc9
https://git.kernel.org/stable/c/b80056bd75a16e4550873ecefe12bc8fd190b1cf
https://git.kernel.org/stable/c/e9c309ded295b7f8849097d71ae231456ca79f78

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-21
CVE-2023-52787

Timeline

Published: May 21, 2024, 4:15 p.m.
Last Modified: May 21, 2024, 4:53 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.