摘要:
In the Linux kernel, the following vulnerability has been resolved:
blk-mq: make sure active queue usage is held for bio_integrity_prep()
blk_integrity_unregister() can come if queue usage counter isn't held
for one bio with integrity prepared, so this request may be completed with
calling profile->complete_fn, then kernel panic.
Another constraint is that bio_integrity_prep() needs to be called
before bio merge.
Fix the issue by:
- call bio_integrity_prep() with one queue usage counter grabbed reliably
- call bio_integrity_prep() before bio merge
安全等级: Low
公告ID: KylinSec-SA-2024-2186
发布日期: 2024年5月28日
关联CVE: CVE-2023-52787
In the Linux kernel, the following vulnerability has been resolved:
blk-mq: make sure active queue usage is held for bio_integrity_prep()
blk_integrity_unregister() can come if queue usage counter isn't held
for one bio with integrity prepared, so this request may be completed with
calling profile->complete_fn, then kernel panic.
Another constraint is that bio_integrity_prep() needs to be called
before bio merge.
Fix the issue by:
- call bio_integrity_prep() with one queue usage counter grabbed reliably
- call bio_integrity_prep() before bio merge
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2023-52787 | KY3.4-4A | kernel | Unaffected |
| CVE-2023-52787 | KY3.4-5 | kernel | Unaffected |
| CVE-2023-52787 | KY3.5.1 | kernel | Unaffected |
| CVE-2023-52787 | KY3.5.3 | kernel | Unaffected |
| CVE-2023-52787 | V6 | kernel | Unaffected |
