Bugzilla – Bug 1212845
VUL-0: CVE-2023-3439: kernel-source,kernel-source-rt,kernel-source-azure: mctp: use-after-free read in mctp_local_output()
Last modified: 2023-06-29 08:34:54 UTC
CVE-2023-3439

A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3439
https://bugzilla.redhat.com/show_bug.cgi?id=2217915
https://www.cve.org/CVERecord?id=CVE-2023-3439
https://github.com/torvalds/linux/commit/b561275d633bcd8e0e8055ab86f1a13df75a0269

Fixing commit:
https://github.com/torvalds/linux/commit/b561275d633bcd8e0e8055ab86f1a13df75a0269

Commit introducing the issue:
https://github.com/torvalds/linux/commit/583be982d93479ea3d85091b0fd0b01201ede87d

Not affected (does not include introducing commit):
- SLE12-SP5
- SLE15-SP4-AZURE
- SLE15-SP4-RT
- SLE15-SP4
- SLE15-SP5
- SLE15-SP5-AZURE
- SLE15-SP5-RT
- cve/linux-3.0
- cve/linux-4.12
- cve/linux-4.4
- cve/linux-5.3

Not Affected (contains fix and introducing commit):
- ALP-current
- stable

closing
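
The lifetime problem in the CVE description above, reduced to a userspace model (an added example, not code from the kernel or from the fixing commit). `model_dev` and all function names are hypothetical; the deferred variant shows the general mitigation of releasing the member only when the last reference is dropped.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical userspace stand-in for a refcounted device; not kernel code. */
struct model_dev {
    int refs;             /* registry reference plus in-flight users */
    unsigned char *addrs; /* models the mdev->addrs array */
};

static struct model_dev *dev_new(void) {
    struct model_dev *d = calloc(1, sizeof(*d));
    if (!d || !(d->addrs = malloc(1))) { free(d); return NULL; }
    d->addrs[0] = 8;      /* constructed sample address */
    d->refs = 1;          /* held by the registry */
    return d;
}

/* Drop one reference; the last put frees addrs together with the device. */
static void dev_put(struct model_dev *d) {
    if (--d->refs > 0) return;
    free(d->addrs);
    free(d);
}

/* Eager pattern: unregister frees addrs while a user may still hold a ref.
 * The model NULLs the pointer so the state is observable without a real UAF. */
static void unregister_eager(struct model_dev *d) {
    free(d->addrs);
    d->addrs = NULL;
    dev_put(d);
}

/* Deferred pattern: unregister only drops the registry reference. */
static void unregister_deferred(struct model_dev *d) { dev_put(d); }

/* Sender takes a ref, device detaches, sender then reads addrs.
 * Returns 1 if addrs is still live at the read, 0 if gone, -1 on OOM. */
static int addrs_live_after_unregister(int deferred) {
    struct model_dev *d = dev_new();
    if (!d) return -1;
    d->refs++;            /* in-flight sender holds the device */
    if (deferred) unregister_deferred(d); else unregister_eager(d);
    int live = d->addrs != NULL && d->addrs[0] == 8;
    dev_put(d);           /* sender finishes; last ref frees everything */
    return live;
}

int main(void) {
    printf("eager=%d deferred=%d\n", addrs_live_after_unregister(0), addrs_live_after_unregister(1));
    return 0;
}
```

In the eager case the sender's reference keeps the device alive but not the array it points to, which is the gap the description calls out.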