CVE-2023-52931

Adding the vm to the vm_xa table makes it visible to userspace, which could try to race with us to close the vm. So we need to take our extra reference before putting it in the table.

(cherry picked from commit 99343c46d4e2b34c285d3d5f68ff04274c2f9fb4)

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9ec8795e7d91bc650db03dc6f5315667555dae11

Fixed

764accc2c1b8fd1507be2e7f436c94cdce887a00

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9ec8795e7d91bc650db03dc6f5315667555dae11

Fixed

41d419382ec7e257e54b7b6ff0d3623aafb1316d

Affected versions

v5.*

v5.14

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.2

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.1.9

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 404.0,
                "function_hash": "60545499371140060507036560111272192929"
            },
            "target": {
                "file": "drivers/gpu/drm/i915/gem/i915_gem_context.c",
                "function": "get_ppgtt"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@41d419382ec7e257e54b7b6ff0d3623aafb1316d",
            "signature_version": "v1",
            "id": "CVE-2023-52931-5a1060ef",
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "128723854924157468351163035515312045506",
                    "69116716669727394480702364682300081594",
                    "319175551446571238834265860900184731102",
                    "42326940812327211413795563696983180704",
                    "165990716932880239202344376674276923401",
                    "178340880863397084285704074040106720892",
                    "272794704806355464249377440485954761013"
                ]
            },
            "target": {
                "file": "drivers/gpu/drm/i915/gem/i915_gem_context.c"
            },
            "deprecated": false,
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@41d419382ec7e257e54b7b6ff0d3623aafb1316d",
            "signature_version": "v1",
            "id": "CVE-2023-52931-85f271fa",
            "signature_type": "Line"
        }
    ]
}

CVE-2023-52931

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Affected versions

v5.*

v6.*

Database specific

Linux / Kernel

Package

Affected ranges