Back to bug 2217915
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Dhananjay Arunesh | 2023-06-27 13:05:22 UTC | Blocks | 2217909 | |
| Mauro Matteo Cascella | 2023-06-27 14:33:13 UTC | CC | jpoimboe, kpatch-maint, rhandlin | |
| Mauro Matteo Cascella | 2023-06-27 21:39:45 UTC | Depends On | 2218029, 2218028 | |
| Mauro Matteo Cascella | 2023-06-28 07:44:46 UTC | Summary | TRIAGE kernel: use-after-free read in mctp_local_output | TRIAGE kernel: mctp: use-after-free read in mctp_local_output() |
| Fixed In Version | kernel 5.18-rc5 | |||
| Mauro Matteo Cascella | 2023-06-28 07:53:12 UTC | Resolution | --- | NOTABUG |
| Status | NEW | CLOSED | ||
| Summary | TRIAGE kernel: mctp: use-after-free read in mctp_local_output() | CVE-2023-3439 kernel: mctp: use-after-free read in mctp_local_output() | ||
| Alias | CVE-2023-3439 | |||
| Last Closed | 2023-06-28 07:53:12 UTC | |||
| Mauro Matteo Cascella | 2023-06-28 08:03:03 UTC | Doc Text | A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service. |
Back to bug 2217915