extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.
References
Link | Resource |
---|---|
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.12 | Release Notes |
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f443fd5af5dbd531f880d3645d5dd36976cf087f | Mailing List Patch |
https://lkml.org/lkml/2023/8/3/323 | Exploit Mailing List Third Party Advisory |
https://lore.kernel.org/linux-crypto/20571.1690369076%40warthog.procyon.org.uk/ | Mailing List Patch |
https://security.netapp.com/advisory/ntap-20231110-0009/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
History
04 Jan 2024, 19:08
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.3 |
28 Dec 2023, 16:13
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* |
|
First Time |
Netapp
Netapp h700s Firmware Netapp h500s Firmware Netapp h700s Netapp h410s Netapp h300s Netapp h500s Netapp h300s Firmware Netapp h410s Firmware |
|
References | () https://security.netapp.com/advisory/ntap-20231110-0009/ - Third Party Advisory | |
References | () https://lore.kernel.org/linux-crypto/20571.1690369076%40warthog.procyon.org.uk/ - Mailing List, Patch |
10 Nov 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 04:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
19 Oct 2023, 14:20
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://lore.kernel.org/linux-crypto/20571.1690369076@warthog.procyon.org.uk/ - Mailing List, Vendor Advisory | |
References | (MISC) https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.12 - Release Notes | |
References | (MISC) https://lkml.org/lkml/2023/8/3/323 - Exploit, Mailing List, Third Party Advisory | |
References | (MISC) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f443fd5af5dbd531f880d3645d5dd36976cf087f - Mailing List, Patch | |
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
First Time |
Linux
Linux linux Kernel |
16 Oct 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-16 03:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-40791
Mitre link : CVE-2023-40791
CVE.ORG link : CVE-2023-40791
JSON object : View
Products Affected
linux
- linux_kernel
netapp
- h300s_firmware
- h500s_firmware
- h410s_firmware
- h500s
- h700s_firmware
- h410s
- h300s
- h700s
CWE