5.5

CVE-2023-53499

virtio_net: Fix error unwinding of XDP initialization

In the Linux kernel, the following vulnerability has been resolved:

virtio_net: Fix error unwinding of XDP initialization

When initializing XDP in virtnet_open(), some rq xdp initialization
may hit an error causing net device open failed. However, previous
rqs have already initialized XDP and enabled NAPI, which is not the
expected behavior. Need to roll back the previous rq initialization
to avoid leaks in error unwinding of init code.

Also extract helper functions of disable and enable queue pairs.
Use newly introduced disable helper function in error unwinding and
virtnet_close. Use enable helper function in virtnet_open.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.16 < 5.15.113
LinuxLinux Kernel Version >= 5.16 < 6.1.30
LinuxLinux Kernel Version >= 6.2 < 6.3.4
LinuxLinux Kernel Version6.4 Updaterc1
LinuxLinux Kernel Version6.4 Updaterc2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.042
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/037768b28e3752c07d63d1c72a651a6775b080bb
Patch
https://git.kernel.org/stable/c/5306623a9826aa7d63b32c6a3803c798a765474d
Patch
https://git.kernel.org/stable/c/6a7690f2bd178eee80f33411ae32e543ae66379c
Patch
https://git.kernel.org/stable/c/73f53bc295727a3cdbd9d6bcdfaa239258970cf4
Patch