Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2023-52837HistoryMay 21, 2024 - 4:15 p.m.
CVE-2023-52837
2024-05-2116:15:21
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
linux kernel
vulnerability
cve-2023-52837
nbd module
uaf
In the Linux kernel, the following vulnerability has been resolved:
nbd: fix uaf in nbd_open
Commit 4af5f2e03013 (“nbd: use blk_mq_alloc_disk and
blk_cleanup_disk”) cleans up disk by blk_cleanup_disk() and it won’t set
disk->private_data as NULL as before. UAF may be triggered in nbd_open()
if someone tries to open nbd device right after nbd_put() since nbd has
been free in nbd_dev_remove().
Fix this by implementing ->free_disk and free private data in it.
Related
debiancve
debiancve
CVE-2023-52837
2024-05-21 16:15:21
cve
cve
CVE-2023-52837
2024-05-21 16:15:21
redhatcve
redhatcve
CVE-2023-52837
2024-05-23 11:13:11
cvelist
cvelist
CVE-2023-52837 nbd: fix uaf in nbd_open
2024-05-21 15:31:37
ubuntucve
ubuntucve
CVE-2023-52837
2024-05-21 00:00:00