| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100435-CVE-2023-53615-843c@gregkh> Date: Sat, 4 Oct 2025 17:52:09 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53615: scsi: qla2xxx: Fix deletion race condition From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trace that show the same port was allowed to double queue for deletion on different cpu. 20808683956 015 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1 20808683957 027 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1 Move the clearing/setting of deleted flag lock. The Linux kernel CVE team has assigned CVE-2023-53615 to this issue. Affected and fixed versions =========================== Issue introduced in 4.11 with commit 726b85487067d7f5b23495bc33c484b8517c4074 and fixed in 5.4.258 with commit a4628a5b98e4c6d905e1f7638242612d7db7d9c2 Issue introduced in 4.11 with commit 726b85487067d7f5b23495bc33c484b8517c4074 and fixed in 5.10.195 with commit 4d7da12483e98c451a51bd294a3d3494f0aee5eb Issue introduced in 4.11 with commit 726b85487067d7f5b23495bc33c484b8517c4074 and fixed in 5.15.132 with commit f1ea164be545629bf442c22f508ad9e7b94ac100 Issue introduced in 4.11 with commit 726b85487067d7f5b23495bc33c484b8517c4074 and fixed in 6.1.54 with commit cd06c45b326e44f0d21dc1b3fa23e71f46847e28 Issue introduced in 4.11 with commit 726b85487067d7f5b23495bc33c484b8517c4074 and fixed in 6.5.4 with commit b05017cb4ff75eea783583f3d400059507510ab1 Issue introduced in 4.11 with commit 726b85487067d7f5b23495bc33c484b8517c4074 and fixed in 6.6 with commit 6dfe4344c168c6ca20fe7640649aacfcefcccb26 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53615 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/scsi/qla2xxx/qla_init.c drivers/scsi/qla2xxx/qla_target.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/a4628a5b98e4c6d905e1f7638242612d7db7d9c2 https://git.kernel.org/stable/c/4d7da12483e98c451a51bd294a3d3494f0aee5eb https://git.kernel.org/stable/c/f1ea164be545629bf442c22f508ad9e7b94ac100 https://git.kernel.org/stable/c/cd06c45b326e44f0d21dc1b3fa23e71f46847e28 https://git.kernel.org/stable/c/b05017cb4ff75eea783583f3d400059507510ab1 https://git.kernel.org/stable/c/6dfe4344c168c6ca20fe7640649aacfcefcccb26
Powered by blists - more mailing lists