In the Linux kernel, the following vulnerability has been resolved:
RDMA/siw: Fix connection failure handling
In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the code handling the later TCP socket close, causing a NULL dereference crash in siwcmwork_handler() when dereferencing a NULL listener. We now also cancel the useless MPA timeout, if immediate MPA request processing fails.
This patch furthermore simplifies MPA processing in general: Scheduling a useless TCP socket read in skdataready() upcall is now surpressed, if the socket is already moved out of TCP_ESTABLISHED state.
{ "vanir_signatures": [ { "digest": { "length": 1381.0, "function_hash": "42092364993145302176304848028331949305" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5cf38e638e5d01b68f9133968a85e8b3fd1ecf2f", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_accept_newconn" }, "id": "CVE-2023-52513-04b14bb4", "signature_type": "Function" }, { "digest": { "length": 545.0, "function_hash": "201847442471031136694656426555258813466" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d520cdb0cd095eac5d00078dfd318408c9b5eed", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_llp_data_ready" }, "id": "CVE-2023-52513-2007be0d", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "113558383457279182386279598413989119056", "172304629663955992893279669431582387153", "33135113949009729360664060840114423531", "204805044810033039430317762021134801955", "142680489103848156077096243924118579172", "71594369926212405755055692060962523953", "320930107829060685969800740218623852623", "98624746369872529140941860051740306016", "48519552598975917375222141522453479099", "293022282876651519432731349324455039678", "178465465310687469848963323536057678646", "145035964933748815851424888302149584296", "189710145353391327707644682125359175196", "47260769936869376696446774593116937020" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d520cdb0cd095eac5d00078dfd318408c9b5eed", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c" }, "id": "CVE-2023-52513-21f9b00b", "signature_type": "Line" }, { "digest": { "length": 545.0, "function_hash": "201847442471031136694656426555258813466" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5cf38e638e5d01b68f9133968a85e8b3fd1ecf2f", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_llp_data_ready" }, "id": "CVE-2023-52513-267caef6", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "113558383457279182386279598413989119056", "172304629663955992893279669431582387153", "33135113949009729360664060840114423531", "204805044810033039430317762021134801955", "142680489103848156077096243924118579172", "71594369926212405755055692060962523953", "320930107829060685969800740218623852623", "98624746369872529140941860051740306016", "48519552598975917375222141522453479099", "293022282876651519432731349324455039678", "178465465310687469848963323536057678646", "145035964933748815851424888302149584296", "189710145353391327707644682125359175196", "47260769936869376696446774593116937020" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81b7bf367eea795d259d0261710c6a89f548844d", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c" }, "id": "CVE-2023-52513-2fc2a052", "signature_type": "Line" }, { "digest": { "length": 3086.0, "function_hash": "214635904446337706640959906460353508598" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d520cdb0cd095eac5d00078dfd318408c9b5eed", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_work_handler" }, "id": "CVE-2023-52513-37eb94b6", "signature_type": "Function" }, { "digest": { "length": 1381.0, "function_hash": "42092364993145302176304848028331949305" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81b7bf367eea795d259d0261710c6a89f548844d", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_accept_newconn" }, "id": "CVE-2023-52513-434d0b0a", "signature_type": "Function" }, { "digest": { "length": 545.0, "function_hash": "201847442471031136694656426555258813466" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81b7bf367eea795d259d0261710c6a89f548844d", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_llp_data_ready" }, "id": "CVE-2023-52513-6ad50f96", "signature_type": "Function" }, { "digest": { "length": 1381.0, "function_hash": "42092364993145302176304848028331949305" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eeafc50a77f6a783c2c44e7ec3674a7b693e06f8", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_accept_newconn" }, "id": "CVE-2023-52513-7540be1a", "signature_type": "Function" }, { "digest": { "length": 3088.0, "function_hash": "103921304488612566341481382824974452393" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5cf38e638e5d01b68f9133968a85e8b3fd1ecf2f", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_work_handler" }, "id": "CVE-2023-52513-76a1808d", "signature_type": "Function" }, { "digest": { "length": 3088.0, "function_hash": "103921304488612566341481382824974452393" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53a3f777049771496f791504e7dc8ef017cba590", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_work_handler" }, "id": "CVE-2023-52513-781efe6c", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "113558383457279182386279598413989119056", "172304629663955992893279669431582387153", "33135113949009729360664060840114423531", "204805044810033039430317762021134801955", "142680489103848156077096243924118579172", "71594369926212405755055692060962523953", "320930107829060685969800740218623852623", "98624746369872529140941860051740306016", "48519552598975917375222141522453479099", "293022282876651519432731349324455039678", "178465465310687469848963323536057678646", "145035964933748815851424888302149584296", "189710145353391327707644682125359175196", "47260769936869376696446774593116937020" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e26812e289b374c17677d238164a5a8f5770594", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c" }, "id": "CVE-2023-52513-92792262", "signature_type": "Line" }, { "digest": { "length": 1381.0, "function_hash": "42092364993145302176304848028331949305" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53a3f777049771496f791504e7dc8ef017cba590", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_accept_newconn" }, "id": "CVE-2023-52513-9cb3503e", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "113558383457279182386279598413989119056", "172304629663955992893279669431582387153", "33135113949009729360664060840114423531", "204805044810033039430317762021134801955", "142680489103848156077096243924118579172", "71594369926212405755055692060962523953", "320930107829060685969800740218623852623", "98624746369872529140941860051740306016", "48519552598975917375222141522453479099", "293022282876651519432731349324455039678", "178465465310687469848963323536057678646", "145035964933748815851424888302149584296", "189710145353391327707644682125359175196", "47260769936869376696446774593116937020" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eeafc50a77f6a783c2c44e7ec3674a7b693e06f8", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c" }, "id": "CVE-2023-52513-a4b6cb6e", "signature_type": "Line" }, { "digest": { "length": 3086.0, "function_hash": "214635904446337706640959906460353508598" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e26812e289b374c17677d238164a5a8f5770594", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_work_handler" }, "id": "CVE-2023-52513-a7b4372c", "signature_type": "Function" }, { "digest": { "length": 566.0, "function_hash": "297364755909021813640393235520271539796" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53a3f777049771496f791504e7dc8ef017cba590", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_llp_data_ready" }, "id": "CVE-2023-52513-c1751fda", "signature_type": "Function" }, { "digest": { "length": 3088.0, "function_hash": "103921304488612566341481382824974452393" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81b7bf367eea795d259d0261710c6a89f548844d", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_work_handler" }, "id": "CVE-2023-52513-c393f68f", "signature_type": "Function" }, { "digest": { "length": 1381.0, "function_hash": "42092364993145302176304848028331949305" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d520cdb0cd095eac5d00078dfd318408c9b5eed", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_accept_newconn" }, "id": "CVE-2023-52513-ccd5ab6e", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "113558383457279182386279598413989119056", "172304629663955992893279669431582387153", "33135113949009729360664060840114423531", "204805044810033039430317762021134801955", "142680489103848156077096243924118579172", "71594369926212405755055692060962523953", "320930107829060685969800740218623852623", "98624746369872529140941860051740306016", "48519552598975917375222141522453479099", "293022282876651519432731349324455039678", "178465465310687469848963323536057678646", "145035964933748815851424888302149584296", "189710145353391327707644682125359175196", "47260769936869376696446774593116937020" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5cf38e638e5d01b68f9133968a85e8b3fd1ecf2f", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c" }, "id": "CVE-2023-52513-d77c5509", "signature_type": "Line" }, { "digest": { "length": 545.0, "function_hash": "201847442471031136694656426555258813466" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e26812e289b374c17677d238164a5a8f5770594", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_llp_data_ready" }, "id": "CVE-2023-52513-dd00a88c", "signature_type": "Function" }, { "digest": { "length": 1552.0, "function_hash": "337641488289244828908057158273434368498" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6e26812e289b374c17677d238164a5a8f5770594", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_accept_newconn" }, "id": "CVE-2023-52513-e1370947", "signature_type": "Function" }, { "digest": { "length": 566.0, "function_hash": "297364755909021813640393235520271539796" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eeafc50a77f6a783c2c44e7ec3674a7b693e06f8", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_llp_data_ready" }, "id": "CVE-2023-52513-e435817a", "signature_type": "Function" }, { "digest": { "threshold": 0.9, "line_hashes": [ "113558383457279182386279598413989119056", "172304629663955992893279669431582387153", "33135113949009729360664060840114423531", "204805044810033039430317762021134801955", "142680489103848156077096243924118579172", "71594369926212405755055692060962523953", "320930107829060685969800740218623852623", "98624746369872529140941860051740306016", "48519552598975917375222141522453479099", "293022282876651519432731349324455039678", "178465465310687469848963323536057678646", "145035964933748815851424888302149584296", "189710145353391327707644682125359175196", "47260769936869376696446774593116937020" ] }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53a3f777049771496f791504e7dc8ef017cba590", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c" }, "id": "CVE-2023-52513-fae10f27", "signature_type": "Line" }, { "digest": { "length": 3088.0, "function_hash": "103921304488612566341481382824974452393" }, "signature_version": "v1", "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@eeafc50a77f6a783c2c44e7ec3674a7b693e06f8", "target": { "file": "drivers/infiniband/sw/siw/siw_cm.c", "function": "siw_cm_work_handler" }, "id": "CVE-2023-52513-ff4587e0", "signature_type": "Function" } ] }