Lucene search
Redhat.comRH:CVE-2023-52774HistoryMay 23, 2024 - 11:09 a.m.
CVE-2023-52774
2024-05-2311:09:41
redhat.com
access.redhat.com
1
linux kernel
s390/dasd
device queue
concurrent access
dasd_profile_start
kernel panic
device lock
pointer accesses
profile data.
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: protect device queue against concurrent access In dasd_profile_start() the amount of requests on the device queue are counted. The access to the device queue is unprotected against concurrent access. With a lot of parallel I/O, especially with alias devices enabled, the device queue can change while dasd_profile_start() is accessing the queue. In the worst case this leads to a kernel panic due to incorrect pointer accesses. Fix this by taking the device lock before accessing the queue and counting the requests. Additionally the check for a valid profile data pointer can be done earlier to avoid unnecessary locking in a hot path.
Related
debiancve
debiancve
CVE-2023-52774
2024-05-21 16:15:16
nvd
nvd
CVE-2023-52774
2024-05-21 16:15:16
cve
cve
CVE-2023-52774
2024-05-21 16:15:16
cvelist
cvelist
CVE-2023-52774 s390/dasd: protect device queue against concurrent access
2024-05-21 15:30:55
ubuntucve
ubuntucve
CVE-2023-52774
2024-05-21 00:00:00
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)
2024-06-12 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
2024-06-14 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00