Bug 2189137 (CVE-2023-2019, ZDI-23-442, ZDI-CAN-17811) - CVE-2023-2019 kernel: netdevsim: fib: reference count leak on route deletion failure
Summary: CVE-2023-2019 kernel: netdevsim: fib: reference count leak on route deletion ...
Keywords:
Status: NEW
Alias: CVE-2023-2019, ZDI-23-442, ZDI-CAN-17811
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2189203 2189204
Blocks: 2186277
TreeView+ depends on / blocked
 
Reported: 2023-04-24 10:55 UTC by Mauro Matteo Cascella
Modified: 2023-07-07 08:34 UTC (History)
44 users (show)

Fixed In Version: kernel 6.0-rc1
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the Linux kernel's netdevsim device driver within the scheduling of events. This issue results from improper management of a reference count. This flaw allows an attacker to create a denial of service condition on the system.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description Mauro Matteo Cascella 2023-04-24 10:55:33 UTC 
A reference count issue was found in the Linux kernel's netdevsim device driver. Quoting ZDI security advisory [1]:

"This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.

The specific flaw exists within the scheduling of events. The issue results from the improper management of a reference count. An attacker can leverage this vulnerability to create a denial-of-service condition on the system."

[1] https://www.zerodayinitiative.com/advisories/ZDI-CAN-17811/
Comment 3 Mauro Matteo Cascella 2023-04-24 12:49:27 UTC 
Upstream fix:
https://github.com/torvalds/linux/commit/180a6a3ee60a
Note You need to log in before you can comment on or make changes to this bug.