VDB
CISA-2023-52837
CISA-2023-52837
PUBLISHED
Reported by Linux · Published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk and blk_cleanup_disk") cleans up disk by blk_cleanup_disk() and it won't set disk->private_data as NULL as before. UAF may be triggered in nbd_open() if someone tries to open nbd device right after nbd_put() since nbd has been free in nbd_dev_remove(). Fix this by implementing ->free_disk and free private data in it.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 4af5f2e0301311f88c420fcfc5f3c8611ade20ac, 4af5f2e0301311f88c420fcfc5f3c8611ade20ac, 4af5f2e0301311f88c420fcfc5f3c8611ade20ac |
| Linux | Linux | 5.14, 0, 6.1.63 |
| linux | linux_kernel | 5.14, 5.14, 5.14 |
| Linux | Linux | 4af5f2e0301311f88c420fcfc5f3c8611ade20ac, 4af5f2e0301311f88c420fcfc5f3c8611ade20ac, 4af5f2e0301311f88c420fcfc5f3c8611ade20ac |
Timeline
- May 21, 2024 CVE Published
- May 4, 2025 CVE Updated