CVE-2023-54317
Description
In the Linux kernel, the following vulnerability has been resolved:
dm flakey: don't corrupt the zero page
When we need to zero some range on a block device, the function __blkdev_issue_zero_pages submits a write bio with the bio vector pointing to the zero page. If we use dm-flakey with corrupt bio writes option, it will corrupt the content of the zero page which results in crashes of various userspace programs. Glibc assumes that memory returned by mmap is zeroed and it uses it for calloc implementation; if the newly mapped memory is not zeroed, calloc will return non-zeroed memory.
Fix this bug by testing if the page is equal to ZERO_PAGE(0) and avoiding the corruption in this case.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
84- osv-coords83 versionspkg:linux/kernelpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_48&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_34&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kgraft-patch-SLE12-SP5_Update_76&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012%20SP5
< 4.14.308+ 82 more
- (no CPE)range: < 4.14.308
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1.150400.24.98.3
- (no CPE)range: < 5.14.21-150400.24.194.1.150400.24.98.3
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150400.24.194.1.150400.24.98.3
- (no CPE)range: < 5.14.21-150400.24.194.1.150400.24.98.3
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150400.24.194.1.150400.24.98.3
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150400.24.194.1.150400.24.98.3
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 4.12.14-122.290.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 4.12.14-122.290.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 4.12.14-122.290.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 1-150400.9.7.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.15.142.1
- (no CPE)range: < 5.14.21-150400.15.142.1
- (no CPE)range: < 5.14.21-150500.13.118.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 4.12.14-122.290.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 4.12.14-122.290.1
- (no CPE)range: < 5.14.21-150400.15.142.1
- (no CPE)range: < 5.14.21-150400.15.142.1
- (no CPE)range: < 5.14.21-150500.13.118.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 4.12.14-122.290.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 4.12.14-122.290.1
- (no CPE)range: < 5.14.21-150400.24.194.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 1-8.7.1
Patches
Vulnerability mechanics
References
8- git.kernel.org/stable/c/3c4a56ef7c538d16c1738ba0ccea9e7146105b5anvd
- git.kernel.org/stable/c/63d31617883d64b43b0e2d529f0751f40713ecaenvd
- git.kernel.org/stable/c/98e311be44dbe31ad9c42aa067b2359bac451fdanvd
- git.kernel.org/stable/c/b7f8892f672222dbfcc721f51edc03963212b249nvd
- git.kernel.org/stable/c/be360c83f2d810493c04f999d69ec9152981e0c0nvd
- git.kernel.org/stable/c/f2b478228bfdd11e358c5bc197561331f5d5c394nvd
- git.kernel.org/stable/c/f50714b57aecb6b3dc81d578e295f86d9c73f078nvd
- git.kernel.org/stable/c/ff60b2bb680ebcaf8890814dd51084a022891469nvd
News mentions
0No linked articles in our index yet.