CVE-2023-52885
Publication date 14 July 2024
Last updated 30 August 2024
Ubuntu priority
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the established child sock, there is a window that the newsock retaining a freed listener svc_sock in sk_user_data which cloning from parent. In the race window, if data is received on the newsock, we will observe use-after-free report in svc_tcp_listen_data_ready(). Reproduce by two tasks: 1. while :; do rpc.nfsd 0 ; rpc.nfsd; done 2. while :; do echo "" | ncat -4 127.0.0.1 2049 ; done KASAN report: ================================================================== BUG: KASAN: slab-use-after-free in svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] Read of size 8 at addr ffff888139d96228 by task nc/102553 CPU: 7 PID: 102553 Comm: nc Not tainted 6.3.0+ #18 Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020 Call Trace: <IRQ> dump_stack_lvl+0x33/0x50 print_address_description.constprop.0+0x27/0x310 print_report+0x3e/0x70 kasan_report+0xae/0xe0 svc_tcp_listen_data_ready+0x1cf/0x1f0 [sunrpc] tcp_data_queue+0x9f4/0x20e0 tcp_rcv_established+0x666/0x1f60 tcp_v4_do_rcv+0x51c/0x850 tcp_v4_rcv+0x23fc/0x2e80 ip_protocol_deliver_rcu+0x62/0x300 ip_local_deliver_finish+0x267/0x350 ip_local_deliver+0x18b/0x2d0 ip_rcv+0x2fb/0x370 __netif_receive_skb_one_core+0x166/0x1b0 process_backlog+0x24c/0x5e0 __napi_poll+0xa2/0x500 net_rx_action+0x854/0xc90 __do_softirq+0x1bb/0x5de do_softirq+0xcb/0x100 </IRQ> <TASK> ... </TASK> Allocated by task 102371: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 __kasan_kmalloc+0x7b/0x90 svc_setup_socket+0x52/0x4f0 [sunrpc] svc_addsock+0x20d/0x400 [sunrpc] __write_ports_addfd+0x209/0x390 [nfsd] write_ports+0x239/0x2c0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Freed by task 102551: kasan_save_stack+0x1e/0x40 kasan_set_track+0x21/0x30 kasan_save_free_info+0x2a/0x50 __kasan_slab_free+0x106/0x190 __kmem_cache_free+0x133/0x270 svc_xprt_free+0x1e2/0x350 [sunrpc] svc_xprt_destroy_all+0x25a/0x440 [sunrpc] nfsd_put+0x125/0x240 [nfsd] nfsd_svc+0x2cb/0x3c0 [nfsd] write_threads+0x1ac/0x2a0 [nfsd] nfsctl_transaction_write+0xac/0x110 [nfsd] vfs_write+0x1c3/0xae0 ksys_write+0xed/0x1c0 do_syscall_64+0x38/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc Fix the UAF by simply doing nothing in svc_tcp_listen_data_ready() if state != TCP_LISTEN, that will avoid dereferencing svsk for all child socket.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-86.96
|
|
| 20.04 LTS focal |
Fixed 5.4.0-166.183
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
|
| linux-allwinner-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-aws | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1047.52
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1113.123
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
|
| linux-aws-5.0 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-aws-5.11 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-aws-5.13 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-aws-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1047.52~20.04.1
|
|
| linux-aws-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-aws-5.3 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-aws-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Vulnerable, work in progress
|
|
| linux-aws-5.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-aws-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-aws-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-aws-fips | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| linux-aws-hwe | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 16.04 LTS xenial | Ignored | |
| linux-azure | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1049.56
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1119.126
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Ignored | |
| linux-azure-4.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-azure-5.11 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-azure-5.13 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-azure-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1049.56~20.04.1
|
|
| linux-azure-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-azure-5.3 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-azure-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Vulnerable, work in progress
|
|
| linux-azure-5.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-azure-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-azure-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-azure-edge | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-azure-fde | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Fixed 5.15.0-1049.56.1
|
|
| 20.04 LTS focal | Ignored | |
| linux-azure-fde-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1049.56~20.04.1.1
|
|
| linux-azure-fde-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-azure-fde-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-azure-fips | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| linux-bluefield | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.4.0-1074.80
|
|
| linux-fips | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| linux-gcp | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1044.52
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1117.126
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| linux-gcp-4.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-gcp-5.11 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-gcp-5.13 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-gcp-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1044.52~20.04.1
|
|
| linux-gcp-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-gcp-5.3 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-gcp-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Vulnerable, work in progress
|
|
| linux-gcp-5.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-gcp-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-gcp-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-gcp-fips | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| linux-gke | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1044.49
|
|
| 20.04 LTS focal | Ignored | |
| linux-gke-4.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-gke-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-gke-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-gkeop | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Fixed 5.15.0-1030.35
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1080.84
|
|
| linux-gkeop-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1030.35~20.04.1
|
|
| linux-gkeop-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-hwe | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| linux-hwe-5.11 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-hwe-5.13 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-hwe-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-86.96~20.04.1
|
|
| linux-hwe-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-hwe-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Vulnerable, work in progress
|
|
| linux-hwe-5.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-hwe-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-hwe-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-hwe-6.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe-edge | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| linux-ibm | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1040.43
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1060.65
|
|
| linux-ibm-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1040.43~20.04.1
|
|
| linux-ibm-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Vulnerable, work in progress
|
|
| linux-intel | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| linux-intel-5.13 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-intel-iot-realtime | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-intel-iotg | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Fixed 5.15.0-1043.49
|
|
| 20.04 LTS focal | Not in release | |
| linux-intel-iotg-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1043.49~20.04.1
|
|
| linux-iot | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.4.0-1025.26
|
|
| linux-kvm | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Fixed 5.15.0-1044.49
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1102.108
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Not affected
|
|
| linux-laptop | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lowlatency | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-86.95
|
|
| 20.04 LTS focal | Not in release | |
| linux-lowlatency-hwe-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-86.95~20.04.1
|
|
| linux-lowlatency-hwe-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-lowlatency-hwe-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-lowlatency-hwe-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-lowlatency-hwe-6.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-xenial | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 14.04 LTS trusty |
Not affected
|
|
| linux-nvidia | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1037.37
|
|
| 20.04 LTS focal | Not in release | |
| linux-nvidia-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-nvidia-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-nvidia-6.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-nvidia-lowlatency | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oem | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-oem-5.10 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-oem-5.13 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-oem-5.14 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-oem-5.17 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-oem-5.6 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-oem-6.0 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-oem-6.1 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-oem-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-oem-6.8 | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| linux-oracle | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1045.51
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1112.121
|
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| linux-oracle-5.0 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-oracle-5.11 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-oracle-5.13 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-oracle-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1045.51~20.04.1
|
|
| linux-oracle-5.3 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Ignored | |
| linux-oracle-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Vulnerable, work in progress
|
|
| linux-oracle-5.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-oracle-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-raspi | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy |
Fixed 5.15.0-1040.43
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1097.109
|
|
| linux-raspi-5.4 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic |
Vulnerable, work in progress
|
|
| linux-raspi-realtime | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-realtime | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-riscv | 24.04 LTS noble |
Not affected
|
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Ignored | |
| linux-riscv-5.11 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-riscv-5.15 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal |
Fixed 5.15.0-1043.47~20.04.1
|
|
| linux-riscv-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-riscv-5.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Ignored | |
| linux-riscv-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-riscv-6.8 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-starfive | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Not in release | |
| 20.04 LTS focal | Not in release | |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-starfive-5.19 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-starfive-6.2 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy | Ignored | |
| 20.04 LTS focal | Not in release | |
| linux-starfive-6.5 | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Not affected
|
|
| 20.04 LTS focal | Not in release | |
| linux-xilinx-zynqmp | 24.04 LTS noble | Not in release |
| 22.04 LTS jammy |
Fixed 5.15.0-1025.29
|
|
| 20.04 LTS focal |
Fixed 5.4.0-1033.37
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.8 · High
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Other references
- https://www.cve.org/CVERecord?id=CVE-2023-52885
- https://git.kernel.org/linus/fc80fc2d4e39137869da3150ee169b40bf879287 (6.5-rc1)
- https://git.kernel.org/stable/c/c7b8c2d06e437639694abe76978e915cfb73f428
- https://git.kernel.org/stable/c/dfc896c4a75cb8cd7cb2dfd9b469cf1e3f004254
- https://git.kernel.org/stable/c/42725e5c1b181b757ba11d804443922982334d9b
- https://git.kernel.org/stable/c/cd5ec3ee52ce4b7e283cc11facfa420c297c8065
- https://git.kernel.org/stable/c/fbf4ace39b2e4f3833236afbb2336edbafd75eee
- https://git.kernel.org/stable/c/ef047411887ff0845afd642d6a687819308e1a4e
- https://git.kernel.org/stable/c/7e1f989055622fd086c5dfb291fc72adf5660b6f
- https://git.kernel.org/stable/c/fc80fc2d4e39137869da3150ee169b40bf879287