CVE-2023-54193 (GCVE-0-2023-54193)
Vulnerability from cvelistv5
Published
2025-12-30 12:09
Modified
2025-12-30 12:09
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
net/sched: cls_api: remove block_cb from driver_list before freeing
Error handler of tcf_block_bind() frees the whole bo->cb_list on error.
However, by that time the flow_block_cb instances are already in the driver
list because driver ndo_setup_tc() callback is called before that up the
call chain in tcf_block_offload_cmd(). This leaves dangling pointers to
freed objects in the list and causes use-after-free[0]. Fix it by also
removing flow_block_cb instances from driver_list before deallocating them.
[0]:
[ 279.868433] ==================================================================
[ 279.869964] BUG: KASAN: slab-use-after-free in flow_block_cb_setup_simple+0x631/0x7c0
[ 279.871527] Read of size 8 at addr ffff888147e2bf20 by task tc/2963
[ 279.873151] CPU: 6 PID: 2963 Comm: tc Not tainted 6.3.0-rc6+ #4
[ 279.874273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014
[ 279.876295] Call Trace:
[ 279.876882] <TASK>
[ 279.877413] dump_stack_lvl+0x33/0x50
[ 279.878198] print_report+0xc2/0x610
[ 279.878987] ? flow_block_cb_setup_simple+0x631/0x7c0
[ 279.879994] kasan_report+0xae/0xe0
[ 279.880750] ? flow_block_cb_setup_simple+0x631/0x7c0
[ 279.881744] ? mlx5e_tc_reoffload_flows_work+0x240/0x240 [mlx5_core]
[ 279.883047] flow_block_cb_setup_simple+0x631/0x7c0
[ 279.884027] tcf_block_offload_cmd.isra.0+0x189/0x2d0
[ 279.885037] ? tcf_block_setup+0x6b0/0x6b0
[ 279.885901] ? mutex_lock+0x7d/0xd0
[ 279.886669] ? __mutex_unlock_slowpath.constprop.0+0x2d0/0x2d0
[ 279.887844] ? ingress_init+0x1c0/0x1c0 [sch_ingress]
[ 279.888846] tcf_block_get_ext+0x61c/0x1200
[ 279.889711] ingress_init+0x112/0x1c0 [sch_ingress]
[ 279.890682] ? clsact_init+0x2b0/0x2b0 [sch_ingress]
[ 279.891701] qdisc_create+0x401/0xea0
[ 279.892485] ? qdisc_tree_reduce_backlog+0x470/0x470
[ 279.893473] tc_modify_qdisc+0x6f7/0x16d0
[ 279.894344] ? tc_get_qdisc+0xac0/0xac0
[ 279.895213] ? mutex_lock+0x7d/0xd0
[ 279.896005] ? __mutex_lock_slowpath+0x10/0x10
[ 279.896910] rtnetlink_rcv_msg+0x5fe/0x9d0
[ 279.897770] ? rtnl_calcit.isra.0+0x2b0/0x2b0
[ 279.898672] ? __sys_sendmsg+0xb5/0x140
[ 279.899494] ? do_syscall_64+0x3d/0x90
[ 279.900302] ? entry_SYSCALL_64_after_hwframe+0x46/0xb0
[ 279.901337] ? kasan_save_stack+0x2e/0x40
[ 279.902177] ? kasan_save_stack+0x1e/0x40
[ 279.903058] ? kasan_set_track+0x21/0x30
[ 279.903913] ? kasan_save_free_info+0x2a/0x40
[ 279.904836] ? ____kasan_slab_free+0x11a/0x1b0
[ 279.905741] ? kmem_cache_free+0x179/0x400
[ 279.906599] netlink_rcv_skb+0x12c/0x360
[ 279.907450] ? rtnl_calcit.isra.0+0x2b0/0x2b0
[ 279.908360] ? netlink_ack+0x1550/0x1550
[ 279.909192] ? rhashtable_walk_peek+0x170/0x170
[ 279.910135] ? kmem_cache_alloc_node+0x1af/0x390
[ 279.911086] ? _copy_from_iter+0x3d6/0xc70
[ 279.912031] netlink_unicast+0x553/0x790
[ 279.912864] ? netlink_attachskb+0x6a0/0x6a0
[ 279.913763] ? netlink_recvmsg+0x416/0xb50
[ 279.914627] netlink_sendmsg+0x7a1/0xcb0
[ 279.915473] ? netlink_unicast+0x790/0x790
[ 279.916334] ? iovec_from_user.part.0+0x4d/0x220
[ 279.917293] ? netlink_unicast+0x790/0x790
[ 279.918159] sock_sendmsg+0xc5/0x190
[ 279.918938] ____sys_sendmsg+0x535/0x6b0
[ 279.919813] ? import_iovec+0x7/0x10
[ 279.920601] ? kernel_sendmsg+0x30/0x30
[ 279.921423] ? __copy_msghdr+0x3c0/0x3c0
[ 279.922254] ? import_iovec+0x7/0x10
[ 279.923041] ___sys_sendmsg+0xeb/0x170
[ 279.923854] ? copy_msghdr_from_user+0x110/0x110
[ 279.924797] ? ___sys_recvmsg+0xd9/0x130
[ 279.925630] ? __perf_event_task_sched_in+0x183/0x470
[ 279.926656] ? ___sys_sendmsg+0x170/0x170
[ 279.927529] ? ctx_sched_in+0x530/0x530
[ 279.928369] ? update_curr+0x283/0x4f0
[ 279.929185] ? perf_event_update_userpage+0x570/0x570
[ 279.930201] ? __fget_light+0x57/0x520
[ 279.931023] ? __switch_to+0x53d/0xe70
[ 27
---truncated---
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Version: 59094b1e5094c7e50a3d2912202fd30b6a1dadf8 Version: 59094b1e5094c7e50a3d2912202fd30b6a1dadf8 Version: 59094b1e5094c7e50a3d2912202fd30b6a1dadf8 Version: 59094b1e5094c7e50a3d2912202fd30b6a1dadf8 Version: 59094b1e5094c7e50a3d2912202fd30b6a1dadf8 Version: 59094b1e5094c7e50a3d2912202fd30b6a1dadf8 Version: 59094b1e5094c7e50a3d2912202fd30b6a1dadf8 |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/sched/cls_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "cc5fe387c6294d0471cb7ed064efac97fac65ccc",
"status": "affected",
"version": "59094b1e5094c7e50a3d2912202fd30b6a1dadf8",
"versionType": "git"
},
{
"lessThan": "7311c8be3755611bf6edea4dfbeb190b4bdd489f",
"status": "affected",
"version": "59094b1e5094c7e50a3d2912202fd30b6a1dadf8",
"versionType": "git"
},
{
"lessThan": "cb145932fcf6814e7e95e467eb70e7849a845ae9",
"status": "affected",
"version": "59094b1e5094c7e50a3d2912202fd30b6a1dadf8",
"versionType": "git"
},
{
"lessThan": "55866fe3fded3ce94ac3fc1bb3dfce654282f483",
"status": "affected",
"version": "59094b1e5094c7e50a3d2912202fd30b6a1dadf8",
"versionType": "git"
},
{
"lessThan": "26aec72429a05e917d574eca0efc5306c63a8862",
"status": "affected",
"version": "59094b1e5094c7e50a3d2912202fd30b6a1dadf8",
"versionType": "git"
},
{
"lessThan": "7b7a74ed303d532fb73ae4b1697f16a0fea89cd0",
"status": "affected",
"version": "59094b1e5094c7e50a3d2912202fd30b6a1dadf8",
"versionType": "git"
},
{
"lessThan": "da94a7781fc3c92e7df7832bc2746f4d39bc624e",
"status": "affected",
"version": "59094b1e5094c7e50a3d2912202fd30b6a1dadf8",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/sched/cls_api.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.3"
},
{
"lessThan": "5.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.243",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.180",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.112",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.29",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"version": "6.2.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.3.*",
"status": "unaffected",
"version": "6.3.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.4",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.243",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.180",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.112",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.29",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.16",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3.3",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4",
"versionStartIncluding": "5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: remove block_cb from driver_list before freeing\n\nError handler of tcf_block_bind() frees the whole bo-\u003ecb_list on error.\nHowever, by that time the flow_block_cb instances are already in the driver\nlist because driver ndo_setup_tc() callback is called before that up the\ncall chain in tcf_block_offload_cmd(). This leaves dangling pointers to\nfreed objects in the list and causes use-after-free[0]. Fix it by also\nremoving flow_block_cb instances from driver_list before deallocating them.\n\n[0]:\n[ 279.868433] ==================================================================\n[ 279.869964] BUG: KASAN: slab-use-after-free in flow_block_cb_setup_simple+0x631/0x7c0\n[ 279.871527] Read of size 8 at addr ffff888147e2bf20 by task tc/2963\n\n[ 279.873151] CPU: 6 PID: 2963 Comm: tc Not tainted 6.3.0-rc6+ #4\n[ 279.874273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 279.876295] Call Trace:\n[ 279.876882] \u003cTASK\u003e\n[ 279.877413] dump_stack_lvl+0x33/0x50\n[ 279.878198] print_report+0xc2/0x610\n[ 279.878987] ? flow_block_cb_setup_simple+0x631/0x7c0\n[ 279.879994] kasan_report+0xae/0xe0\n[ 279.880750] ? flow_block_cb_setup_simple+0x631/0x7c0\n[ 279.881744] ? mlx5e_tc_reoffload_flows_work+0x240/0x240 [mlx5_core]\n[ 279.883047] flow_block_cb_setup_simple+0x631/0x7c0\n[ 279.884027] tcf_block_offload_cmd.isra.0+0x189/0x2d0\n[ 279.885037] ? tcf_block_setup+0x6b0/0x6b0\n[ 279.885901] ? mutex_lock+0x7d/0xd0\n[ 279.886669] ? __mutex_unlock_slowpath.constprop.0+0x2d0/0x2d0\n[ 279.887844] ? ingress_init+0x1c0/0x1c0 [sch_ingress]\n[ 279.888846] tcf_block_get_ext+0x61c/0x1200\n[ 279.889711] ingress_init+0x112/0x1c0 [sch_ingress]\n[ 279.890682] ? clsact_init+0x2b0/0x2b0 [sch_ingress]\n[ 279.891701] qdisc_create+0x401/0xea0\n[ 279.892485] ? qdisc_tree_reduce_backlog+0x470/0x470\n[ 279.893473] tc_modify_qdisc+0x6f7/0x16d0\n[ 279.894344] ? tc_get_qdisc+0xac0/0xac0\n[ 279.895213] ? mutex_lock+0x7d/0xd0\n[ 279.896005] ? __mutex_lock_slowpath+0x10/0x10\n[ 279.896910] rtnetlink_rcv_msg+0x5fe/0x9d0\n[ 279.897770] ? rtnl_calcit.isra.0+0x2b0/0x2b0\n[ 279.898672] ? __sys_sendmsg+0xb5/0x140\n[ 279.899494] ? do_syscall_64+0x3d/0x90\n[ 279.900302] ? entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 279.901337] ? kasan_save_stack+0x2e/0x40\n[ 279.902177] ? kasan_save_stack+0x1e/0x40\n[ 279.903058] ? kasan_set_track+0x21/0x30\n[ 279.903913] ? kasan_save_free_info+0x2a/0x40\n[ 279.904836] ? ____kasan_slab_free+0x11a/0x1b0\n[ 279.905741] ? kmem_cache_free+0x179/0x400\n[ 279.906599] netlink_rcv_skb+0x12c/0x360\n[ 279.907450] ? rtnl_calcit.isra.0+0x2b0/0x2b0\n[ 279.908360] ? netlink_ack+0x1550/0x1550\n[ 279.909192] ? rhashtable_walk_peek+0x170/0x170\n[ 279.910135] ? kmem_cache_alloc_node+0x1af/0x390\n[ 279.911086] ? _copy_from_iter+0x3d6/0xc70\n[ 279.912031] netlink_unicast+0x553/0x790\n[ 279.912864] ? netlink_attachskb+0x6a0/0x6a0\n[ 279.913763] ? netlink_recvmsg+0x416/0xb50\n[ 279.914627] netlink_sendmsg+0x7a1/0xcb0\n[ 279.915473] ? netlink_unicast+0x790/0x790\n[ 279.916334] ? iovec_from_user.part.0+0x4d/0x220\n[ 279.917293] ? netlink_unicast+0x790/0x790\n[ 279.918159] sock_sendmsg+0xc5/0x190\n[ 279.918938] ____sys_sendmsg+0x535/0x6b0\n[ 279.919813] ? import_iovec+0x7/0x10\n[ 279.920601] ? kernel_sendmsg+0x30/0x30\n[ 279.921423] ? __copy_msghdr+0x3c0/0x3c0\n[ 279.922254] ? import_iovec+0x7/0x10\n[ 279.923041] ___sys_sendmsg+0xeb/0x170\n[ 279.923854] ? copy_msghdr_from_user+0x110/0x110\n[ 279.924797] ? ___sys_recvmsg+0xd9/0x130\n[ 279.925630] ? __perf_event_task_sched_in+0x183/0x470\n[ 279.926656] ? ___sys_sendmsg+0x170/0x170\n[ 279.927529] ? ctx_sched_in+0x530/0x530\n[ 279.928369] ? update_curr+0x283/0x4f0\n[ 279.929185] ? perf_event_update_userpage+0x570/0x570\n[ 279.930201] ? __fget_light+0x57/0x520\n[ 279.931023] ? __switch_to+0x53d/0xe70\n[ 27\n---truncated---"
}
],
"providerMetadata": {
"dateUpdated": "2025-12-30T12:09:00.738Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/cc5fe387c6294d0471cb7ed064efac97fac65ccc"
},
{
"url": "https://git.kernel.org/stable/c/7311c8be3755611bf6edea4dfbeb190b4bdd489f"
},
{
"url": "https://git.kernel.org/stable/c/cb145932fcf6814e7e95e467eb70e7849a845ae9"
},
{
"url": "https://git.kernel.org/stable/c/55866fe3fded3ce94ac3fc1bb3dfce654282f483"
},
{
"url": "https://git.kernel.org/stable/c/26aec72429a05e917d574eca0efc5306c63a8862"
},
{
"url": "https://git.kernel.org/stable/c/7b7a74ed303d532fb73ae4b1697f16a0fea89cd0"
},
{
"url": "https://git.kernel.org/stable/c/da94a7781fc3c92e7df7832bc2746f4d39bc624e"
}
],
"title": "net/sched: cls_api: remove block_cb from driver_list before freeing",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-54193",
"datePublished": "2025-12-30T12:09:00.738Z",
"dateReserved": "2025-12-30T12:06:44.498Z",
"dateUpdated": "2025-12-30T12:09:00.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-54193\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-30T13:16:07.320\",\"lastModified\":\"2025-12-30T13:16:07.320\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/sched: cls_api: remove block_cb from driver_list before freeing\\n\\nError handler of tcf_block_bind() frees the whole bo-\u003ecb_list on error.\\nHowever, by that time the flow_block_cb instances are already in the driver\\nlist because driver ndo_setup_tc() callback is called before that up the\\ncall chain in tcf_block_offload_cmd(). This leaves dangling pointers to\\nfreed objects in the list and causes use-after-free[0]. Fix it by also\\nremoving flow_block_cb instances from driver_list before deallocating them.\\n\\n[0]:\\n[ 279.868433] ==================================================================\\n[ 279.869964] BUG: KASAN: slab-use-after-free in flow_block_cb_setup_simple+0x631/0x7c0\\n[ 279.871527] Read of size 8 at addr ffff888147e2bf20 by task tc/2963\\n\\n[ 279.873151] CPU: 6 PID: 2963 Comm: tc Not tainted 6.3.0-rc6+ #4\\n[ 279.874273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\\n[ 279.876295] Call Trace:\\n[ 279.876882] \u003cTASK\u003e\\n[ 279.877413] dump_stack_lvl+0x33/0x50\\n[ 279.878198] print_report+0xc2/0x610\\n[ 279.878987] ? flow_block_cb_setup_simple+0x631/0x7c0\\n[ 279.879994] kasan_report+0xae/0xe0\\n[ 279.880750] ? flow_block_cb_setup_simple+0x631/0x7c0\\n[ 279.881744] ? mlx5e_tc_reoffload_flows_work+0x240/0x240 [mlx5_core]\\n[ 279.883047] flow_block_cb_setup_simple+0x631/0x7c0\\n[ 279.884027] tcf_block_offload_cmd.isra.0+0x189/0x2d0\\n[ 279.885037] ? tcf_block_setup+0x6b0/0x6b0\\n[ 279.885901] ? mutex_lock+0x7d/0xd0\\n[ 279.886669] ? __mutex_unlock_slowpath.constprop.0+0x2d0/0x2d0\\n[ 279.887844] ? ingress_init+0x1c0/0x1c0 [sch_ingress]\\n[ 279.888846] tcf_block_get_ext+0x61c/0x1200\\n[ 279.889711] ingress_init+0x112/0x1c0 [sch_ingress]\\n[ 279.890682] ? clsact_init+0x2b0/0x2b0 [sch_ingress]\\n[ 279.891701] qdisc_create+0x401/0xea0\\n[ 279.892485] ? qdisc_tree_reduce_backlog+0x470/0x470\\n[ 279.893473] tc_modify_qdisc+0x6f7/0x16d0\\n[ 279.894344] ? tc_get_qdisc+0xac0/0xac0\\n[ 279.895213] ? mutex_lock+0x7d/0xd0\\n[ 279.896005] ? __mutex_lock_slowpath+0x10/0x10\\n[ 279.896910] rtnetlink_rcv_msg+0x5fe/0x9d0\\n[ 279.897770] ? rtnl_calcit.isra.0+0x2b0/0x2b0\\n[ 279.898672] ? __sys_sendmsg+0xb5/0x140\\n[ 279.899494] ? do_syscall_64+0x3d/0x90\\n[ 279.900302] ? entry_SYSCALL_64_after_hwframe+0x46/0xb0\\n[ 279.901337] ? kasan_save_stack+0x2e/0x40\\n[ 279.902177] ? kasan_save_stack+0x1e/0x40\\n[ 279.903058] ? kasan_set_track+0x21/0x30\\n[ 279.903913] ? kasan_save_free_info+0x2a/0x40\\n[ 279.904836] ? ____kasan_slab_free+0x11a/0x1b0\\n[ 279.905741] ? kmem_cache_free+0x179/0x400\\n[ 279.906599] netlink_rcv_skb+0x12c/0x360\\n[ 279.907450] ? rtnl_calcit.isra.0+0x2b0/0x2b0\\n[ 279.908360] ? netlink_ack+0x1550/0x1550\\n[ 279.909192] ? rhashtable_walk_peek+0x170/0x170\\n[ 279.910135] ? kmem_cache_alloc_node+0x1af/0x390\\n[ 279.911086] ? _copy_from_iter+0x3d6/0xc70\\n[ 279.912031] netlink_unicast+0x553/0x790\\n[ 279.912864] ? netlink_attachskb+0x6a0/0x6a0\\n[ 279.913763] ? netlink_recvmsg+0x416/0xb50\\n[ 279.914627] netlink_sendmsg+0x7a1/0xcb0\\n[ 279.915473] ? netlink_unicast+0x790/0x790\\n[ 279.916334] ? iovec_from_user.part.0+0x4d/0x220\\n[ 279.917293] ? netlink_unicast+0x790/0x790\\n[ 279.918159] sock_sendmsg+0xc5/0x190\\n[ 279.918938] ____sys_sendmsg+0x535/0x6b0\\n[ 279.919813] ? import_iovec+0x7/0x10\\n[ 279.920601] ? kernel_sendmsg+0x30/0x30\\n[ 279.921423] ? __copy_msghdr+0x3c0/0x3c0\\n[ 279.922254] ? import_iovec+0x7/0x10\\n[ 279.923041] ___sys_sendmsg+0xeb/0x170\\n[ 279.923854] ? copy_msghdr_from_user+0x110/0x110\\n[ 279.924797] ? ___sys_recvmsg+0xd9/0x130\\n[ 279.925630] ? __perf_event_task_sched_in+0x183/0x470\\n[ 279.926656] ? ___sys_sendmsg+0x170/0x170\\n[ 279.927529] ? ctx_sched_in+0x530/0x530\\n[ 279.928369] ? update_curr+0x283/0x4f0\\n[ 279.929185] ? perf_event_update_userpage+0x570/0x570\\n[ 279.930201] ? __fget_light+0x57/0x520\\n[ 279.931023] ? __switch_to+0x53d/0xe70\\n[ 27\\n---truncated---\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/26aec72429a05e917d574eca0efc5306c63a8862\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/55866fe3fded3ce94ac3fc1bb3dfce654282f483\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7311c8be3755611bf6edea4dfbeb190b4bdd489f\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7b7a74ed303d532fb73ae4b1697f16a0fea89cd0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/cb145932fcf6814e7e95e467eb70e7849a845ae9\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/cc5fe387c6294d0471cb7ed064efac97fac65ccc\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/da94a7781fc3c92e7df7832bc2746f4d39bc624e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…