ALT-PU-2024-18052-1

Package update kernel-image-un-def in branch p10

Version6.1.72-alt1

Published2024-01-15

Max severityMEDIUM

Severity:

Closed issues (2)

MEDIUM5.5

Уязвимость компонента blk-mq ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

Published: 2024-11-25Modified: 2024-12-03

CVSS 3.xMEDIUM 5.5

CVSS:3.x/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS 2.0MEDIUM 4.6

CVSS:2.0/AV:L/AC:L/Au:S/C:N/I:N/A:C

References

CVE-2023-52787

MEDIUM5.5

In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling profile->complete_fn, then kernel panic. Another constraint is that bio_integrity_prep() needs to be called before bio merge. Fix the issue by: - call bio_integrity_prep() with one queue usage counter grabbed reliably - call bio_integrity_prep() before bio merge

Published: 2024-05-21Modified: 2025-09-26

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References