DEBIAN-CVE-2023-54117

Source
https://security-tracker.debian.org/tracker/CVE-2023-54117
Import Source
https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54117.json
JSON Data
https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-54117
Upstream
Published
2025-12-24T13:16:13.637Z
Modified
2025-12-25T11:14:42.890266Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

s390/dcssblk: fix kernel crash with list_add corruption

Commit fb08a1908cb1 ("dax: simplify the dax_device <-> gendisk association") introduced new logic for gendisk association, requiring drivers to explicitly call dax_add_host() and dax_remove_host().

For dcssblk driver, some dax_remove_host() calls were missing, e.g. in device remove path. The commit also broke error handling for out_dax case in device add path, resulting in an extra put_device() w/o the previous get_device() in that case.

This led to stale xarray entries after device add / remove cycles. In the case when a previously used struct gendisk pointer (xarray index) would be used again, because blk_alloc_disk() happened to return such a pointer, the xa_insert() in dax_add_host() would fail and go to out_dax, doing the extra put_device() in the error path. In combination with an already flawed error handling in dcssblk (device_register() cleanup), which needs to be addressed in a separate patch, this resulted in a missing device_del() / klist_del(), and eventually in the kernel crash with list_add corruption on a subsequent device_add() / klist_add().

Fix this by adding the missing dax_remove_host() calls, and also move the put_device() in the error path to restore the previous logic.

References

Affected packages

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.55-1

Affected versions

6.*
6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54117.json"

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.5.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54117.json"

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.5.3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source
"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54117.json"