nvd-json-data-feeds/CVE-2023/CVE-2023-528xx/CVE-2023-52837.json

{
  "id": "CVE-2023-52837",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-05-21T16:15:21.170",
  "lastModified": "2024-05-21T16:53:56.550",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix uaf in nbd_open\n\nCommit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk and\nblk_cleanup_disk\") cleans up disk by blk_cleanup_disk() and it won't set\ndisk->private_data as NULL as before. UAF may be triggered in nbd_open()\nif someone tries to open nbd device right after nbd_put() since nbd has\nbeen free in nbd_dev_remove().\n\nFix this by implementing ->free_disk and free private data in it."
    },
    {
      "lang": "es",
      "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: nbd: corrija uaf en nbd_open Commit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk y blk_cleanup_disk\") limpia el disco mediante blk_cleanup_disk() y no configurar\u00e1 disk-&gt;private_data como NULL como antes. UAF puede activarse en nbd_open() si alguien intenta abrir el dispositivo nbd justo despu\u00e9s de nbd_put() ya que nbd ha estado libre en nbd_dev_remove(). Solucione este problema implementando -&gt;free_disk y datos privados gratuitos en \u00e9l."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/327462725b0f759f093788dfbcb2f1fd132f956b",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/4e9b3ec84dc97909876641dad14e0a2300d6c2a3",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/56bd7901b5e9dbc9112036ea615ebcba1565fafe",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    },
    {
      "url": "https://git.kernel.org/stable/c/879947f4180bc6e83af64eb0515e0cf57fce15db",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
    }
  ]
}
Auto-Update: 2024-05-21T18:00:39.180206+00:00 2024-05-21 18:03:30 +00:00			`{`
			`"id": "CVE-2023-52837",`
			`"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",`
			`"published": "2024-05-21T16:15:21.170",`
			`"lastModified": "2024-05-21T16:53:56.550",`
			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2024-07-14T02:00:17.787041+00:00 2024-07-14 02:06:08 +00:00			`"cveTags": [],`
Auto-Update: 2024-05-21T18:00:39.180206+00:00 2024-05-21 18:03:30 +00:00			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix uaf in nbd_open\n\nCommit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk and\nblk_cleanup_disk\") cleans up disk by blk_cleanup_disk() and it won't set\ndisk->private_data as NULL as before. UAF may be triggered in nbd_open()\nif someone tries to open nbd device right after nbd_put() since nbd has\nbeen free in nbd_dev_remove().\n\nFix this by implementing ->free_disk and free private data in it."`
Auto-Update: 2024-05-26T02:00:29.531128+00:00 2024-05-26 02:03:22 +00:00			`},`
			`{`
			`"lang": "es",`
			"value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: nbd: corrija uaf en nbd_open Commit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk y blk_cleanup_disk\") limpia el disco mediante blk_cleanup_disk() y no configurar\u00e1 disk->private_data como NULL como antes. UAF puede activarse en nbd_open() si alguien intenta abrir el dispositivo nbd justo despu\u00e9s de nbd_put() ya que nbd ha estado libre en nbd_dev_remove(). Solucione este problema implementando ->free_disk y datos privados gratuitos en \u00e9l."
Auto-Update: 2024-05-21T18:00:39.180206+00:00 2024-05-21 18:03:30 +00:00			`}`
			`],`
			`"metrics": {},`
			`"references": [`
			`{`
			`"url": "https://git.kernel.org/stable/c/327462725b0f759f093788dfbcb2f1fd132f956b",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/4e9b3ec84dc97909876641dad14e0a2300d6c2a3",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/56bd7901b5e9dbc9112036ea615ebcba1565fafe",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`},`
			`{`
			`"url": "https://git.kernel.org/stable/c/879947f4180bc6e83af64eb0515e0cf57fce15db",`
			`"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"`
			`}`
			`]`
			`}`