diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-11-22 08:03:48 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-11-22 08:03:48 +0100 |
commit | d525fe4e98b3dc211d62682971056086b7def67b (patch) | |
tree | 6f2a13645dd13bab86e548bcdf831df3845dc1d7 /active/CVE-2023-6238 | |
parent | a72f89d9e35ece4bd3b1edab000baac7a2c60433 (diff) |
Add CVE-2023-6238
Diffstat (limited to 'active/CVE-2023-6238')
-rw-r--r-- | active/CVE-2023-6238 | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/active/CVE-2023-6238 b/active/CVE-2023-6238 new file mode 100644 index 00000000..2e29650a --- /dev/null +++ b/active/CVE-2023-6238 @@ -0,0 +1,20 @@ +Description: nvme: memory corruption via unprivileged user passthrough +References: + https://bugzilla.redhat.com/show_bug.cgi?id=2250834 + https://lore.kernel.org/linux-nvme/20231013051458.39987-1-joshi.k@samsung.com/T/#u + https://lore.kernel.org/linux-nvme/20231016060519.231880-1-joshi.k@samsung.com/T/#u +Notes: + carnil> Issue introduced with 855b7717f44b1 ("nvme: fine-granular + carnil> CAP_SYS_ADMIN for nvme io commands") in 6.2-rc1. + carnil> To exploit the issue it's still required that root changes the + carnil> device node persmissions. Though this was allowed unter the + carnil> assumtion it was safe to allow (which turns out not to be). +Bugs: +upstream: needed +6.1-upstream-stable: N/A "Vulnerable code not present" +5.10-upstream-stable: N/A "Vulnerable code not present" +4.19-upstream-stable: N/A "Vulnerable code not present" +sid: needed +6.1-bookworm-security: N/A "Vulnerable code not present" +5.10-bullseye-security: N/A "Vulnerable code not present" +4.19-buster-security: N/A "Vulnerable code not present" |