In the Linux kernel, the following vulnerability has been resolved:
freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL Tetsuo-San noted
that commit f5d39b020809 (“freezer,sched: Rewrite core freezer logic”)
broke call_usermodehelper_exec() for the KILLABLE case. Specifically it was
missed that the second, unconditional, wait_for_completion() was not
optional and ensures the on-stack completion is unused before going
out-of-scope.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
git.kernel.org/linus/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d (6.2)
git.kernel.org/stable/c/7f9f6c54da876b3f0bece2b569456ceb96965ed7
git.kernel.org/stable/c/eedeb787ebb53de5c5dcf7b7b39d01bf1b0f037d
launchpad.net/bugs/cve/CVE-2023-52704
nvd.nist.gov/vuln/detail/CVE-2023-52704
security-tracker.debian.org/tracker/CVE-2023-52704
www.cve.org/CVERecord?id=CVE-2023-52704