CVE-2023-53508 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_CMD_START_DEV, otherwise kernel oops can be triggered. Reported by German when working on qemu-storage-deamon which requires single thread ublk daemon.

PUBLISHED Reserved 2025-10-01 | Published 2025-10-01 | Updated 2025-10-01 | Assigner Linux

Product status

Default status

unaffected

71f28f3136aff5890cd56de78abc673f8393cad9 before 0d5916c439574b18a0734872daa0022b3d6105ad

affected

71f28f3136aff5890cd56de78abc673f8393cad9 before 6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd

affected

71f28f3136aff5890cd56de78abc673f8393cad9 before 53e7d08f6d6e214c40db1f51291bb2975c789dc2

affected

Default status

affected

6.0

affected

Any version before 6.0

unaffected

6.1.43

unaffected

6.4.8

unaffected

6.5

unaffected

References

git.kernel.org/...c/0d5916c439574b18a0734872daa0022b3d6105ad

git.kernel.org/...c/6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd

git.kernel.org/...c/53e7d08f6d6e214c40db1f51291bb2975c789dc2

cve.org (CVE-2023-53508)

nvd.nist.gov (CVE-2023-53508)

Download JSON

help @ threatint.eu