CVE-2023-52515
RDMA/srp: Do not call scsi_done() from srp_abort()
Severity Score
"-"
*CVSS v-
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
RDMA/srp: Do not call scsi_done() from srp_abort()
After scmd_eh_abort_handler() has called the SCSI LLD eh_abort_handler
callback, it performs one of the following actions:
* Call scsi_queue_insert().
* Call scsi_finish_command().
* Call scsi_eh_scmd_add().
Hence, SCSI abort handlers must not call scsi_done(). Otherwise all
the above actions would trigger a use-after-free. Hence remove the
scsi_done() call from srp_abort(). Keep the srp_free_req() call
before returning SUCCESS because we may not see the command again if
SUCCESS is returned.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2024-02-20 CVE Reserved
- 2024-03-02 CVE Published
- 2024-12-17 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (11)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/d8536670916a685df116b5c2cb256573fd25e4e3 | Vuln. Introduced | |
https://git.kernel.org/stable/c/738589592a04180e39b6fb5fe8205d85b7dc69f6 | Vuln. Introduced | |
https://git.kernel.org/stable/c/0575df129e2eb4a801beae0e6e041787480f42b9 | Vuln. Introduced | |
https://git.kernel.org/stable/c/22fb582405002812d8fb89d0ed1264e97d3d25ad | Vuln. Introduced | |
https://git.kernel.org/stable/c/39d6594c457c4728794cb4c3c7be53f93f1ef3ae | Vuln. Introduced | |
https://git.kernel.org/stable/c/b3f3b814add77a464911df0080d812b18f61ff38 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.7 < 5.10.199 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 5.10.199" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.7 < 5.15.136 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 5.15.136" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.7 < 6.1.57 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 6.1.57" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.7 < 6.5.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 6.5.7" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.7 < 6.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.7 < 6.6" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.0.45 Search vendor "Linux" for product "Linux Kernel" and version "3.0.45" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.2.32 Search vendor "Linux" for product "Linux Kernel" and version "3.2.32" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.4.13 Search vendor "Linux" for product "Linux Kernel" and version "3.4.13" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.5.6 Search vendor "Linux" for product "Linux Kernel" and version "3.5.6" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 3.6.1 Search vendor "Linux" for product "Linux Kernel" and version "3.6.1" | en |
Affected
|