diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-04-26 14:20:16 +0200 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-04-26 14:20:16 +0200 |
commit | 4ff16de4ca8dc19ded42432e410c1a511c9d9ad8 (patch) | |
tree | 9e9b5d0243713563b5e5912f938292a70a9881b0 | |
parent | 5a83c28ecd58730308edf0fd13b99cedad3e24fe (diff) | |
download | vulns-4ff16de4ca8dc19ded42432e410c1a511c9d9ad8.tar.gz |
CVE-2023-52646 allocated
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rw-r--r-- | cve/published/2023/CVE-2023-52646 (renamed from cve/reserved/2023/CVE-2023-52646) | 0 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52646.json | 163 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52646.mbox | 78 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52646.sha1 | 1 |
4 files changed, 242 insertions, 0 deletions
diff --git a/cve/reserved/2023/CVE-2023-52646 b/cve/published/2023/CVE-2023-52646 index e69de29b..e69de29b 100644 --- a/cve/reserved/2023/CVE-2023-52646 +++ b/cve/published/2023/CVE-2023-52646 diff --git a/cve/published/2023/CVE-2023-52646.json b/cve/published/2023/CVE-2023-52646.json new file mode 100644 index 00000000..c98a1501 --- /dev/null +++ b/cve/published/2023/CVE-2023-52646.json @@ -0,0 +1,163 @@ +{ + "containers": { + "cna": { + "providerMetadata": { + "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" + }, + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naio: fix mremap after fork null-deref\n\nCommit e4a0d3e720e7 (\"aio: Make it possible to remap aio ring\") introduced\na null-deref if mremap is called on an old aio mapping after fork as\nmm->ioctx_table will be set to NULL.\n\n[jmoyer@redhat.com: fix 80 column issue]" + } + ], + "affected": [ + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "unaffected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "e4a0d3e720e7", + "lessThan": "808f1e4b5723", + "status": "affected", + "versionType": "git" + }, + { + "version": "e4a0d3e720e7", + "lessThan": "d8dca1bfe9ad", + "status": "affected", + "versionType": "git" + }, + { + "version": "e4a0d3e720e7", + "lessThan": "4326d0080f7e", + "status": "affected", + "versionType": "git" + }, + { + "version": "e4a0d3e720e7", + "lessThan": "c261f798f7ba", + "status": "affected", + "versionType": "git" + }, + { + "version": "e4a0d3e720e7", + "lessThan": "178993157e8c", + "status": "affected", + "versionType": "git" + }, + { + "version": "e4a0d3e720e7", + "lessThan": "af126acf01a1", + "status": "affected", + "versionType": "git" + }, + { + "version": "e4a0d3e720e7", + "lessThan": "81e9d6f86476", + "status": "affected", + "versionType": "git" + } + ] + }, + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "affected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "3.19", + "status": "affected" + }, + { + "version": "0", + "lessThan": "3.19", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.14.306", + "lessThanOrEqual": "4.14.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "4.19.273", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.232", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.169", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.95", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.13", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.2", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ] + } + ], + "references": [ + { + "url": "https://git.kernel.org/stable/c/808f1e4b5723ae4eda724d2ad6f6638905eefd95" + }, + { + "url": "https://git.kernel.org/stable/c/d8dca1bfe9adcae38b35add64977818c0c13dd22" + }, + { + "url": "https://git.kernel.org/stable/c/4326d0080f7e84fba775da41d158f46cf9d3f1c2" + }, + { + "url": "https://git.kernel.org/stable/c/c261f798f7baa8080cf0214081d43d5f86bb073f" + }, + { + "url": "https://git.kernel.org/stable/c/178993157e8c50aef7f35d7d6d3b44bb428199e1" + }, + { + "url": "https://git.kernel.org/stable/c/af126acf01a12bdb04986fd26fc2eb3b40249e0d" + }, + { + "url": "https://git.kernel.org/stable/c/81e9d6f8647650a7bead74c5f926e29970e834d1" + } + ], + "title": "aio: fix mremap after fork null-deref", + "x_generator": { + "engine": "bippy-d175d3acf727" + } + } + }, + "cveMetadata": { + "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", + "cveID": "CVE-2023-52646", + "requesterUserId": "gregkh@kernel.org", + "serial": "1", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.0" +} diff --git a/cve/published/2023/CVE-2023-52646.mbox b/cve/published/2023/CVE-2023-52646.mbox new file mode 100644 index 00000000..dbd5a6bc --- /dev/null +++ b/cve/published/2023/CVE-2023-52646.mbox @@ -0,0 +1,78 @@ +From bippy-d175d3acf727 Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +To: <linux-cve-announce@vger.kernel.org> +Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> +Subject: CVE-2023-52646: aio: fix mremap after fork null-deref +Message-Id: <2024042655-CVE-2023-52646-3ebb@gregkh> +Content-Length: 2648 +Lines: 61 +X-Developer-Signature: v=1; a=openpgp-sha256; l=2710; + i=gregkh@linuxfoundation.org; h=from:subject:message-id; + bh=EM/z43IooyFZjdc3/xDRsRQg4P4PIMMhIIAYNe/VasA=; + b=owGbwMvMwCRo6H6F97bub03G02pJDGnas1/v6T3gq/72ss/mv/v2HQxzZTx4WsKs5PWOI/VvG + ONs3l+43BHLwiDIxCArpsjyZRvP0f0VhxS9DG1Pw8xhZQIZwsDFKQAT+SbGML9mYVNpy7n9t2IF + /lrXG3lzhN8NecKwYNnSGgHO+baM57/O407m/rmlKsDnDwA= +X-Developer-Key: i=gregkh@linuxfoundation.org; a=openpgp; + fpr=F4B60CC5BF78C2214A313DCB3147D40DDB2DFB29 + +Description +=========== + +In the Linux kernel, the following vulnerability has been resolved: + +aio: fix mremap after fork null-deref + +Commit e4a0d3e720e7 ("aio: Make it possible to remap aio ring") introduced +a null-deref if mremap is called on an old aio mapping after fork as +mm->ioctx_table will be set to NULL. + +[jmoyer@redhat.com: fix 80 column issue] + +The Linux kernel CVE team has assigned CVE-2023-52646 to this issue. + + +Affected and fixed versions +=========================== + + Issue introduced in 3.19 with commit e4a0d3e720e7 and fixed in 4.14.306 with commit 808f1e4b5723 + Issue introduced in 3.19 with commit e4a0d3e720e7 and fixed in 4.19.273 with commit d8dca1bfe9ad + Issue introduced in 3.19 with commit e4a0d3e720e7 and fixed in 5.4.232 with commit 4326d0080f7e + Issue introduced in 3.19 with commit e4a0d3e720e7 and fixed in 5.10.169 with commit c261f798f7ba + Issue introduced in 3.19 with commit e4a0d3e720e7 and fixed in 5.15.95 with commit 178993157e8c + Issue introduced in 3.19 with commit e4a0d3e720e7 and fixed in 6.1.13 with commit af126acf01a1 + Issue introduced in 3.19 with commit e4a0d3e720e7 and fixed in 6.2 with commit 81e9d6f86476 + +Please see https://www.kernel.org for a full list of currently supported +kernel versions by the kernel community. + +Unaffected versions might change over time as fixes are backported to +older supported kernel versions. The official CVE entry at + https://cve.org/CVERecord/?id=CVE-2023-52646 +will be updated if fixes are backported, please check that for the most +up to date information about this issue. + + +Affected files +============== + +The file(s) affected by this issue are: + fs/aio.c + + +Mitigation +========== + +The Linux kernel CVE team recommends that you update to the latest +stable kernel version for this, and many other bugfixes. Individual +changes are never tested alone, but rather are part of a larger kernel +release. Cherry-picking individual commits is not recommended or +supported by the Linux kernel community at all. If however, updating to +the latest release is impossible, the individual changes to resolve this +issue can be found at these commits: + https://git.kernel.org/stable/c/808f1e4b5723ae4eda724d2ad6f6638905eefd95 + https://git.kernel.org/stable/c/d8dca1bfe9adcae38b35add64977818c0c13dd22 + https://git.kernel.org/stable/c/4326d0080f7e84fba775da41d158f46cf9d3f1c2 + https://git.kernel.org/stable/c/c261f798f7baa8080cf0214081d43d5f86bb073f + https://git.kernel.org/stable/c/178993157e8c50aef7f35d7d6d3b44bb428199e1 + https://git.kernel.org/stable/c/af126acf01a12bdb04986fd26fc2eb3b40249e0d + https://git.kernel.org/stable/c/81e9d6f8647650a7bead74c5f926e29970e834d1 diff --git a/cve/published/2023/CVE-2023-52646.sha1 b/cve/published/2023/CVE-2023-52646.sha1 new file mode 100644 index 00000000..7975b015 --- /dev/null +++ b/cve/published/2023/CVE-2023-52646.sha1 @@ -0,0 +1 @@ +81e9d6f8647650a7bead74c5f926e29970e834d1 |