Updated: 2024-11-30 04:03:54.557491
Description:
In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This patch is against CVE-2023-6270. The description of cve is: A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution. In aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial code is finished. But the net_device ifp will still be used in later tx()->dev_queue_xmit() in kthread. Which means that the dev_put(ifp) should NOT be called in the success path of skb initial code in aoecmd_cfg_pkts(). Otherwise tx() may run into use-after-free because the net_device is freed. This patch removed the dev_put(ifp) in the success path in aoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().
Links | NIST | CIRCL | RHEL | Ubuntu |
Severity | Score | |
---|---|---|
CVSS Version 2.x | 0 | |
CVSS Version 3.x | HIGH | 7.8 |
OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
---|---|---|---|---|---|---|---|---|
AlmaLinux 9.2 ESU | kernel | 5.14.0 | 7.8 | HIGH | Released | CLSA-2024:1719231016 | 2024-06-24 10:14:51 | |
AlmaLinux 9.2 FIPS | kernel | 5.14.0 | 7.8 | HIGH | Released | CLSA-2024:1719241565 | 2024-06-24 11:24:41 | |
CentOS 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | 2024-09-03 14:33:30 | ||
CentOS 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Released | CLSA-2024:1720468480 | 2024-07-23 17:22:29 | |
CentOS 8.4 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2024-05-01 22:12:08 | ||
CentOS 8.5 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2024-06-11 14:23:11 | ||
CentOS Stream 8 ELS | kernel | 4.18.0 | 7.8 | HIGH | Not Vulnerable | 2024-06-11 14:21:02 | ||
CloudLinux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Ignored | 2025-01-10 22:44:10 | ||
CloudLinux 7 ELS | kernel | 3.10.0 | 7.8 | HIGH | Ignored | 2025-01-10 22:43:54 | ||
Oracle Linux 6 ELS | kernel | 2.6.32 | 7.8 | HIGH | Released | 2024-09-03 14:33:29 |