CVE-2023-53508

In ublkctrlstartdev(), if waitforcompletioninterruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLKCMDSTART_DEV, otherwise kernel oops can be triggered.

Reported by German when working on qemu-storage-deamon which requires single thread ublk daemon.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53508.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

71f28f3136aff5890cd56de78abc673f8393cad9

Fixed

0d5916c439574b18a0734872daa0022b3d6105ad

Fixed

6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd

Fixed

53e7d08f6d6e214c40db1f51291bb2975c789dc2

Affected versions

v5.*

v5.19

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.16

v6.1.17

v6.1.18

v6.1.19

v6.1.2

v6.1.20

v6.1.21

v6.1.22

v6.1.23

v6.1.24

v6.1.25

v6.1.26

v6.1.27

v6.1.28

v6.1.29

v6.1.3

v6.1.30

v6.1.31

v6.1.32

v6.1.33

v6.1.34

v6.1.35

v6.1.36

v6.1.37

v6.1.38

v6.1.39

v6.1.4

v6.1.40

v6.1.41

v6.1.42

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.1.9

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.4

v6.4-rc1

v6.4-rc2

v6.4-rc3

v6.4-rc4

v6.4-rc5

v6.4-rc6

v6.4-rc7

v6.4.1

v6.4.2

v6.4.3

v6.4.4

v6.4.5

v6.4.6

v6.4.7

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53508.json"

vanir_signatures

[
    {
        "id": "CVE-2023-53508-22fe458c",
        "target": {
            "file": "drivers/block/ublk_drv.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "288261470399946891083108655895596874466",
                "57155560674146806201596608966051197570",
                "288155167492575669690821877806863291545",
                "114334375627299542811914418909351052613"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53508-380e24ba",
        "target": {
            "function": "ublk_ctrl_start_dev",
            "file": "drivers/block/ublk_drv.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd",
        "digest": {
            "function_hash": "287619043103880566538165548711195746514",
            "length": 1329.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53508-401c0c7e",
        "target": {
            "file": "drivers/block/ublk_drv.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53e7d08f6d6e214c40db1f51291bb2975c789dc2",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "288261470399946891083108655895596874466",
                "57155560674146806201596608966051197570",
                "288155167492575669690821877806863291545",
                "114334375627299542811914418909351052613"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53508-c2371a48",
        "target": {
            "file": "drivers/block/ublk_drv.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d5916c439574b18a0734872daa0022b3d6105ad",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "288261470399946891083108655895596874466",
                "57155560674146806201596608966051197570",
                "288155167492575669690821877806863291545",
                "114334375627299542811914418909351052613"
            ]
        },
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53508-cbfaa526",
        "target": {
            "function": "ublk_ctrl_start_dev",
            "file": "drivers/block/ublk_drv.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53e7d08f6d6e214c40db1f51291bb2975c789dc2",
        "digest": {
            "function_hash": "287619043103880566538165548711195746514",
            "length": 1329.0
        },
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53508-d32a34cc",
        "target": {
            "function": "ublk_ctrl_start_dev",
            "file": "drivers/block/ublk_drv.c"
        },
        "signature_version": "v1",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d5916c439574b18a0734872daa0022b3d6105ad",
        "digest": {
            "function_hash": "139241175169425475895937375109046778469",
            "length": 1325.0
        },
        "signature_type": "Function"
    }
]

Git / github.com/gregkh/linux