-

CVE-2023-53307

In the Linux kernel, the following vulnerability has been resolved:

rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails

If getting an ID or setting up a work queue in rbd_dev_create() fails,
use-after-free on rbd_dev->rbd_client, rbd_dev->spec and rbd_dev->opts
is triggered in do_rbd_add().  The root cause is that the ownership of
these structures is transfered to rbd_dev prematurely and they all end
up getting freed when rbd_dev_create() calls rbd_dev_free() prior to
returning to do_rbd_add().

Found by Linux Verification Center (linuxtesting.org) with SVACE, an
incomplete patch submitted by Natalia Petrova <n.petrova@fintech.ru>.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
Product Linux
Default Statusunaffected
Version < 71da2a151ed1adb0aea4252b16d81b53012e7afd
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
Version < e3cbb4d60764295992c95344f2d779439e8b34ce
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
Version < 9787b328c42c13c4f31e7d5042c4e877e9344068
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
Version < ae16346078b1189aee934afd872d9f3d0a682c33
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
Version < a73783e4e0c4d1507794da211eeca75498544dff
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
Version < faa7b683e436664fff5648426950718277831348
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
Version < cc8c0dd2984503ed09efa37bcafcef3d3da104e8
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
Version < f7c4d9b133c7a04ca619355574e96b6abf209fba
Version 1643dfa4c2c827d6e2aa419df8c17b0f24090278
Status affected
VendorLinux
Product Linux
Default Statusaffected
Version 4.9
Status affected
Version < 4.9
Version 0
Status unaffected
Version <= 4.14.*
Version 4.14.308
Status unaffected
Version <= 4.19.*
Version 4.19.276
Status unaffected
Version <= 5.4.*
Version 5.4.235
Status unaffected
Version <= 5.10.*
Version 5.10.173
Status unaffected
Version <= 5.15.*
Version 5.15.99
Status unaffected
Version <= 6.1.*
Version 6.1.16
Status unaffected
Version <= 6.2.*
Version 6.2.3
Status unaffected
Version <= *
Version 6.3
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.078
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string