Description

In the Linux kernel, the following vulnerability has been resolved: blk-mq: make sure active queue usage is held for bio_integrity_prep() blk_integrity_unregister() can come if queue usage counter isn't held for one bio with integrity prepared, so this request may be completed with calling profile->complete_fn, then kernel panic. Another constraint is that bio_integrity_prep() needs to be called before bio merge. Fix the issue by: - call bio_integrity_prep() with one queue usage counter grabbed reliably - call bio_integrity_prep() before bio merge

INFO

Published Date :

2024-05-21T15:31:04.343Z

Last Modified :

2025-05-04T07:43:12.344Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-52787 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-52787.

URL Resource
https://git.kernel.org/stable/c/b0077e269f6c152e807fdac90b58caf012cdbaab cve-icon cve-icon
https://git.kernel.org/stable/c/b5c8e0ff76d10f6bf70a7237678f27c20cf59bc9 cve-icon cve-icon
https://git.kernel.org/stable/c/b80056bd75a16e4550873ecefe12bc8fd190b1cf cve-icon cve-icon
https://git.kernel.org/stable/c/e9c309ded295b7f8849097d71ae231456ca79f78 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2023-52787-67f0@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-52787 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-52787 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact