Vulnerability in Linux Kernel Affects ublk Component
CVE-2023-53508
What is CVE-2023-53508?
The vulnerability is in the ublk component of the Linux kernel and occurs while starting a device. When ublk_ctrl_start_dev() is called and its wait for completion is interrupted by a signal, the device queues may not be set up properly. As a result, the UBLK_CMD_START_DEV command could fail, potentially leading to kernel oops conditions. This issue was highlighted during the development of qemu-storage-daemon, which relies on a single-threaded ublk daemon. Immediate attention to this component is crucial to ensure the stability of systems utilizing the affected kernel.
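A userspace model of the flaw class described above, added here as an illustration and not taken from the kernel source: a blocking read() interrupted by SIGALRM stands in for the interruptible wait in ublk_ctrl_start_dev(). struct model_dev and every function name are hypothetical; the model contrasts dropping the wait result with failing the start when the wait is interrupted.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <sys/time.h>
#include <unistd.h>

/* Hypothetical userspace stand-in for a device; not a kernel structure. */
struct model_dev { int ready_fd[2]; int queues_ready; int started; };
static void on_alarm(int sig) { (void)sig; }
/* 0 once the "queues ready" byte arrives, -EINTR if a signal interrupts. */
static int wait_ready_interruptible(struct model_dev *d) {
    char c;
    ssize_t n = read(d->ready_fd[0], &c, 1);
    if (n == 1) { d->queues_ready = 1; return 0; }
    return n < 0 ? -errno : -EIO;
}

/* Flawed: wait result dropped, device marked started without ready queues. */
int start_dev_unchecked(struct model_dev *d) {
    (void)wait_ready_interruptible(d);
    d->started = 1;
    return 0;
}

/* Hardened: an interrupted wait fails the start command. */
int start_dev_checked(struct model_dev *d) {
    int ret = wait_ready_interruptible(d);
    if (ret != 0)
        return ret;
    d->started = 1;
    return 0;
}

/* Runs `start` while a repeating SIGALRM (no SA_RESTART) interrupts the wait.
 * Stores its result in *ret; returns 1 if started without ready queues. */
int started_without_queues(int (*start)(struct model_dev *), int *ret) {
    struct model_dev d = { { -1, -1 }, 0, 0 };
    struct itimerval on = { { 0, 20000 }, { 0, 20000 } }, off = { { 0, 0 }, { 0, 0 } };
    struct sigaction sa = { .sa_handler = on_alarm };
    if (pipe(d.ready_fd) < 0 || sigaction(SIGALRM, &sa, NULL) < 0 ||
        setitimer(ITIMER_REAL, &on, NULL) < 0)
        return -1;
    *ret = start(&d);
    setitimer(ITIMER_REAL, &off, NULL);   /* disarm the timer */
    close(d.ready_fd[0]);
    close(d.ready_fd[1]);
    return d.started && !d.queues_ready;
}

int main(void) { int r; return started_without_queues(start_dev_checked, &r); }
```

In the unchecked variant the caller sees success while the model device is marked started with no queues behind it; the checked variant returns -EINTR and leaves the device stopped.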
Affected Version(s)
Linux 71f28f3136aff5890cd56de78abc673f8393cad9 < 0d5916c439574b18a0734872daa0022b3d6105ad
Linux 71f28f3136aff5890cd56de78abc673f8393cad9 < 6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd
Linux 71f28f3136aff5890cd56de78abc673f8393cad9 < 53e7d08f6d6e214c40db1f51291bb2975c789dc2