Lucene search

K
redhatcveRedhat.comRH:CVE-2023-52787
HistoryMay 23, 2024 - 11:10 a.m.

CVE-2023-52787

2024-05-2311:10:24
redhat.com
access.redhat.com
1
linux kernel
blk-mq vulnerability
queue usage counter
bio_integrity_prep()
kernel panic
bio merge

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn’t held for one bio with integrity prepared, so this request may be completed with calling profile->complete_fn, then kernel panic. Another constraint is that bio_integrity_prep() needs to be called before bio merge. Fix the issue by: - call bio_integrity_prep() with one queue usage counter grabbed reliably - call bio_integrity_prep() before bio merge

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%