Bug 2187439 (CVE-2023-2124)
| Summary: | CVE-2023-2124 kernel: OOB access in the Linux kernel's XFS subsystem | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Alex <allarkin> |
| Component: | vulnerability | Assignee: | Nobody <nobody> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | aalbersh, acaringi, allarkin, arachman, bhu, chwhite, crwood, dbohanno, dchinner, ddepaula, debarbos, derrick.roach.ctr, dfreiber, dvlasenk, esandeen, ezulian, hkrzesin, jarod, jburrell, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jpoimboe, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, kpatch-maint-bot, kyoshida, ldoskova, lgoncalv, lveyde, lzampier, michal.skrivanek, mperina, nmurray, ptalbert, qzhao, rhandlin, rogbas, rrobaina, rvrbovsk, rysulliv, scweaver, swhiteho, tyberry, vkumar, walters, wcosta, williams, wmealing, ycote, zlang |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | kernel 6.4-rc1 | Doc Type: | If docs needed, set a value |
| Doc Text: |
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2187444, 2187445, 2187446, 2187447, 2187448, 2187449, 2187450, 2187451, 2187452, 2187453, 2187454, 2187455, 2187456, 2187457, 2187458, 2187459, 2187460, 2187461, 2187462, 2187463, 2187464, 2187465, 2187466, 2187467, 2187468, 2187469, 2187470, 2187472, 2187473, 2187474, 2187475, 2187476, 2187477, 2187478, 2187479, 2187612, 2187963, 2203593, 2203594 | ||
| Bug Blocks: | 2187430 | ||
|
Description
Alex
2023-04-17 17:06:24 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2187963] @allarkin Hi Alex, could you also create RHEL7 issues for this CVE? The fix is also applicable for RHEL7, so, this would make sense to also backport it there. In reply to comment #17: > @allarkin Hi Alex, could you also create RHEL7 issues for this > CVE? The fix is also applicable for RHEL7, so, this would make sense to also > backport it there. Decreased severity of this one from High to Moderate, because: " The C reproducer does not reproduce the issue on latest 8.8/9.2 kernel, neither on Fedora with 6.3-rc7.eln kernel or 9.3 with the 6.3 common kernel." , and also the CVSS=7 is between Moderate and High. More comments about this decrease inside bug 2187446 For Red Hat 7 usually we omit fixes if Moderate, so I set "OOSS". However, do you think if need to fix for rhel7 anyway? (In reply to Alex from comment #18) > In reply to comment #17: > > @allarkin Hi Alex, could you also create RHEL7 issues for this > > CVE? The fix is also applicable for RHEL7, so, this would make sense to also > > backport it there. > > Decreased severity of this one from High to Moderate, because: > " > The C reproducer does not reproduce the issue on latest 8.8/9.2 kernel, > neither on Fedora with 6.3-rc7.eln kernel or 9.3 with the 6.3 common kernel." > , and also the CVSS=7 is between Moderate and High. > More comments about this decrease inside Red Hatbug 2187446 > > For Red Hat 7 usually we omit fixes if Moderate, so I set "OOSS". > However, do you think if need to fix for rhel7 anyway? Hi Alex, Sorry for late reply, yeah I think this make sense to fix it anyway. The code path exists and fix is quite simple, so make sense to me. In reply to comment #21: > (In reply to Alex from comment #18) > > In reply to comment #17: > > > @allarkin Hi Alex, could you also create RHEL7 issues for this > > > CVE? The fix is also applicable for RHEL7, so, this would make sense to also > > > backport it there. > > > > Decreased severity of this one from High to Moderate, because: > > " > > The C reproducer does not reproduce the issue on latest 8.8/9.2 kernel, > > neither on Fedora with 6.3-rc7.eln kernel or 9.3 with the 6.3 common kernel." > > , and also the CVSS=7 is between Moderate and High. > > More comments about this decrease inside Red Hatbug 2187446 > > > > For Red Hat 7 usually we omit fixes if Moderate, so I set "OOSS". > > However, do you think if need to fix for rhel7 anyway? > > Hi Alex, > > Sorry for late reply, yeah I think this make sense to fix it anyway. > The code path exists and fix is quite simple, so make sense to me. Ok, filled trackers for rhel9. This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:3708 https://access.redhat.com/errata/RHSA-2023:3708 This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:3723 https://access.redhat.com/errata/RHSA-2023:3723 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4137 https://access.redhat.com/errata/RHSA-2023:4137 This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:4138 https://access.redhat.com/errata/RHSA-2023:4138 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:4515 https://access.redhat.com/errata/RHSA-2023:4515 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4541 https://access.redhat.com/errata/RHSA-2023:4541 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2023:4517 https://access.redhat.com/errata/RHSA-2023:4517 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:4789 https://access.redhat.com/errata/RHSA-2023:4789 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4817 https://access.redhat.com/errata/RHSA-2023:4817 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4815 https://access.redhat.com/errata/RHSA-2023:4815 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:4961 https://access.redhat.com/errata/RHSA-2023:4961 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Red Hat Enterprise Linux 8.4 Telecommunications Update Service Via RHSA-2023:4962 https://access.redhat.com/errata/RHSA-2023:4962 |