fkie_cve-2023-52732
Vulnerability from fkie_nvd
Published
2024-05-21 16:15
Modified
2024-11-21 08:40
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: ceph: blocklist the kclient when receiving corrupted snap trace When received corrupted snap trace we don't know what exactly has happened in MDS side. And we shouldn't continue IOs and metadatas access to MDS, which may corrupt or get incorrect contents. This patch will just block all the further IO/MDS requests immediately and then evict the kclient itself. The reason why we still need to evict the kclient just after blocking all the further IOs is that the MDS could revoke the caps faster.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9
Impacted products
Vendor Product Version


To clipboard 

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel, the following vulnerability has been resolved:\n\nceph: blocklist the kclient when receiving corrupted snap trace\n\nWhen received corrupted snap trace we don't know what exactly has\nhappened in MDS side. And we shouldn't continue IOs and metadatas\naccess to MDS, which may corrupt or get incorrect contents.\n\nThis patch will just block all the further IO/MDS requests\nimmediately and then evict the kclient itself.\n\nThe reason why we still need to evict the kclient just after\nblocking all the further IOs is that the MDS could revoke the caps\nfaster.",
      },
      {
         lang: "es",
         value: "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ceph: lista de bloqueo del kclient cuando se recibe un seguimiento instantáneo corrupto. Cuando recibimos un seguimiento instantáneo corrupto, no sabemos qué ha sucedido exactamente en el lado MDS. Y no debemos continuar con el acceso de IO y metadatos a MDS, lo que puede dañar u obtener contenidos incorrectos. Este parche simplemente bloqueará todas las solicitudes IO/MDS adicionales inmediatamente y luego expulsará al propio kclient. La razón por la que todavía necesitamos desalojar al kclient justo después de bloquear todas las IO adicionales es que el MDS podría revocar los límites más rápido.",
      },
   ],
   id: "CVE-2023-52732",
   lastModified: "2024-11-21T08:40:28.117",
   metrics: {},
   published: "2024-05-21T16:15:13.303",
   references: [
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         url: "https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c",
      },
      {
         source: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
         url: "https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://git.kernel.org/stable/c/66ec619e4591f8350f99c5269a7ce160cccc7a7c",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://git.kernel.org/stable/c/a68e564adcaa69b0930809fb64d9d5f7d9c32ba9",
      },
   ],
   sourceIdentifier: "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
   vulnStatus: "Awaiting Analysis",
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.