Back to bug 2087568
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2022-05-18 04:39:37 UTC | CC | security-response-team | |
| Sandipan Roy | 2022-05-18 04:40:30 UTC | Blocks | 2087569 | |
| Red Hat Bugzilla | 2022-07-16 03:20:58 UTC | CC | brdeoliv | |
| Rohit Keshri | 2022-07-26 09:34:00 UTC | Fixed In Version | kernel 5.18 25 | |
| CC | brdeoliv, chwhite, jlelli, jwyatt, lgoncalv, qzhao, swood, tyberry, williams | |||
| Rohit Keshri | 2022-07-26 14:21:11 UTC | Deadline | 2022-05-16 | |
| Rohit Keshri | 2022-07-26 14:21:45 UTC | Group | security, qe_staff | |
| Deadline | 2022-05-16 | |||
| Summary | EMBARGOED kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() | kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() | ||
| CC | adscvr, airlied, alciregi, bskeggs, hdegoede, hpa, jarodwilson, jglisse, jonathan, josef, jwboyer, kernel-maint, kernel-mgr, linville, masami256, mchehab, steved | |||
| Rohit Keshri | 2022-07-26 14:57:20 UTC | Doc Text | A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem. | |
| Rohit Keshri | 2022-07-26 15:01:47 UTC | Depends On | 2111142, 2111143, 2111141, 2111144 | |
| Rohit Keshri | 2022-07-26 15:04:48 UTC | Comment | 0 | updated |
| Rohit Keshri | 2022-07-26 15:05:08 UTC | CC | rkeshri | |
| Rohit Keshri | 2022-07-26 15:06:53 UTC | CC | jburrell, vkumar | |
| Alex | 2022-08-18 13:00:17 UTC | Flags | needinfo?(rkeshri) | |
| Alex | 2022-08-18 14:23:25 UTC | Comment | 10 | updated |
| Alex | 2022-08-18 14:23:37 UTC | CC | allarkin | |
| Rohit Keshri | 2022-09-21 18:15:42 UTC | Flags | needinfo?(rkeshri) | |
| Red Hat Bugzilla | 2022-12-31 23:35:15 UTC | CC | fhrbata | |
| Red Hat Bugzilla | 2023-04-01 08:40:37 UTC | CC | dhoward | |
| Rohit Keshri | 2023-04-04 16:24:55 UTC | Alias | CVE-2023-1838 | |
| Summary | kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() | CVE-2023-1838 kernel: Possible use-after-free since the two fdget() during vhost_net_set_backend() | ||
| Paige Jung | 2023-04-04 16:45:27 UTC | Doc Text | A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem. | A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in the virtio network subcomponent in the Linux kernel due to a double fget. This issue could allow a local attacker to crash the system, and could lead to a kernel information leak problem. |
| Red Hat Bugzilla | 2023-07-07 08:32:19 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody |
Back to bug 2087568