CVE-2023-52811

Updated: 2024-07-24 14:09:30.517087

Description:

In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool In practice the driver should never send more commands than are allocated to a queue's event pool. In the unlikely event that this happens, the code asserts a BUG_ON, and in the case that the kernel is not configured to crash on panic returns a junk event pointer from the empty event list causing things to spiral from there. This BUG_ON is a historical artifact of the ibmvfc driver first being upstreamed, and it is well known now that the use of BUG_ON is bad practice except in the most unrecoverable scenario. There is nothing about this scenario that prevents the driver from recovering and carrying on. Remove the BUG_ON in question from ibmvfc_get_event() and return a NULL pointer in the case of an empty event pool. Update all call sites to ibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate failure or recovery action.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 5.5 MEDIUM Needs Triage 2024-11-12 12:07:19
AlmaLinux 9.2 FIPS kernel 5.14.0 5.5 MEDIUM Ignored 2024-07-25 05:17:59
CentOS 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-07-25 05:17:59
CentOS 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-07-25 05:17:59
CentOS 8.4 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1725872696 2024-09-09 05:28:06
CentOS 8.5 ELS kernel 4.18.0 5.5 MEDIUM Released CLSA-2024:1725876080 2024-09-09 12:18:27
CentOS Stream 8 ELS kernel 4.18.0 5.5 MEDIUM Ignored 2024-08-20 12:21:56
CloudLinux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-07-25 05:17:59
CloudLinux 7 ELS kernel 3.10.0 5.5 MEDIUM Ignored 2024-07-25 05:17:58
Oracle Linux 6 ELS kernel 2.6.32 5.5 MEDIUM Ignored 2024-07-25 05:17:58