7.8

CVE-2023-53494

crypto: xts - Handle EBUSY correctly

In the Linux kernel, the following vulnerability has been resolved:

crypto: xts - Handle EBUSY correctly

As it is xts only handles the special return value of EINPROGRESS,
which means that in all other cases it will free data related to the
request.

However, as the caller of xts may specify MAY_BACKLOG, we also need
to expect EBUSY and treat it in the same way.  Otherwise backlogged
requests will trigger a use-after-free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.10.173
LinuxLinux Kernel Version >= 5.11 < 5.15.99
LinuxLinux Kernel Version >= 5.16 < 6.1.16
LinuxLinux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.046
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/51c082514c2dedf2711c99d93c196cc4eedceb40
Patch
https://git.kernel.org/stable/c/57c3e1d63b63dc0841d41df729297cd7c1c35808
Patch
https://git.kernel.org/stable/c/912eb10b65646ffd222256c78a1c566a3dac177d
Patch
https://git.kernel.org/stable/c/92a07ba4f0af2cccdc2aa5ee32679c9c9714db90
Patch
https://git.kernel.org/stable/c/d5870848879291700fe6c5257dcb48aadd10425c
Patch