CVE-2023-53116

Description

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointer when percpu_ref_put() is called in nvmet_req_complete(). Avoid such problem by using a local variable to save the sq pointer before calling __nvmet_req_complete(), thus avoiding dereferencing the req pointer after that function call.

Reserved 2025-05-02 | Published 2025-05-02 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

a07b4970f464f13640e28e16dad6cfa33647cc99 before e5d99b29012bbf0e86929403209723b2806500c1
affected

a07b4970f464f13640e28e16dad6cfa33647cc99 before fafcb4b26393870c45462f9af6a48e581dbbcf7e
affected

a07b4970f464f13640e28e16dad6cfa33647cc99 before 04c394208831d5e0d5cfee46722eb0f033cd4083
affected

a07b4970f464f13640e28e16dad6cfa33647cc99 before a6317235da8aa7cb97529ebc8121cc2a4c4c437a
affected

a07b4970f464f13640e28e16dad6cfa33647cc99 before f1d5888a5efe345b63c430b256e95acb0a475642
affected

a07b4970f464f13640e28e16dad6cfa33647cc99 before bcd535f07c58342302a2cd2bdd8894fe0872c8a9
affected

a07b4970f464f13640e28e16dad6cfa33647cc99 before 8ed9813871038b25a934b21ab76b5b7dbf44fc3a
affected

a07b4970f464f13640e28e16dad6cfa33647cc99 before 6173a77b7e9d3e202bdb9897b23f2a8afe7bf286
affected

Default status
affected

4.8
affected

Any version before 4.8
unaffected

4.14.311
unaffected

4.19.279
unaffected

5.4.238
unaffected

5.10.176
unaffected

5.15.104
unaffected

6.1.21
unaffected

6.2.8
unaffected

6.3
unaffected

References

git.kernel.org/...c/e5d99b29012bbf0e86929403209723b2806500c1

git.kernel.org/...c/fafcb4b26393870c45462f9af6a48e581dbbcf7e

git.kernel.org/...c/04c394208831d5e0d5cfee46722eb0f033cd4083

git.kernel.org/...c/a6317235da8aa7cb97529ebc8121cc2a4c4c437a

git.kernel.org/...c/f1d5888a5efe345b63c430b256e95acb0a475642

git.kernel.org/...c/bcd535f07c58342302a2cd2bdd8894fe0872c8a9

git.kernel.org/...c/8ed9813871038b25a934b21ab76b5b7dbf44fc3a

git.kernel.org/...c/6173a77b7e9d3e202bdb9897b23f2a8afe7bf286

cve.org (CVE-2023-53116)

nvd.nist.gov (CVE-2023-53116)

Download JSON