CVE-2023-54324

EUVD-2023-60480

30.12.2025, 13:16

In the Linux kernel, the following vulnerability has been resolved:

dm: fix a race condition in retrieve_deps

There's a race condition in the multipath target when retrieve_deps
races with multipath_message calling dm_get_device and dm_put_device.
retrieve_deps walks the list of open devices without holding any lock
but multipath may add or remove devices to the list while it is
running. The end result may be memory corruption or use-after-free
memory access.

See this description of a UAF with multipath_message():
https://listman.redhat.com/archives/dm-devel/2022-October/052373.html

Fix this bug by introducing a new rw semaphore "devices_lock". We grab
devices_lock for read in retrieve_deps and we grab it for write in
dm_get_device and dm_put_device.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 9%

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
bullseye	vulnerable
bullseye (security)	vulnerable
forky	6.17.13-1 fixed
sid	6.17.13-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed

openSUSE / SLES Releases

openSUSE Product

Release

cluster-md-kmp-default

suse enterprise server 15 SP6

6.4.0-150600.23.84.1

fixed

dlm-kmp-default

suse enterprise server 15 SP6

6.4.0-150600.23.84.1

fixed

gfs2-kmp-default

suse enterprise server 15 SP6

6.4.0-150600.23.84.1

fixed

kernel-64kb

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-azure

suse enterprise sap 15 SP7	6.4.0-150700.20.24.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.24.1 fixed

kernel-default

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-default-base

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1.150700.17.19.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1.150700.17.19.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1.150600.12.38.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1.150700.17.19.1 fixed

kernel-docs

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-macros

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-obs-build

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-source

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-source-azure

suse enterprise sap 15 SP7	6.4.0-150700.20.24.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.24.1 fixed

kernel-syms

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-syms-azure

suse enterprise sap 15 SP7	6.4.0-150700.20.24.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.24.1 fixed

kernel-zfcpdump

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

ocfs2-kmp-default

suse enterprise server 15 SP6

6.4.0-150600.23.84.1

fixed

reiserfs-kmp-default

suse enterprise server 15 SP6

6.4.0-150600.23.84.1

fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

bpftool

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:7.3.0-427.13.1.el9_4 fixed

kernel

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-64k

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-abi-stablelists

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-core

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-debug

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-debug-core

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-debug-devel

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-debug-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-modules

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-debug-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-modules-extra

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-debug-uki-virt

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-devel

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-doc

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-modules

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-modules-extra

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-rt

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-kvm

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-kvm

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-tools

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-tools-libs

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-tools-libs-devel

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-uki-virt

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-zfcpdump-core

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-zfcpdump-devel

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-zfcpdump-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-modules

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

kernel-zfcpdump-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-modules-extra

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

libperf

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

perf

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

python3-perf

RHEL 8	0:4.18.0-553.el8_10 fixed
RHEL 9	0:5.14.0-427.13.1.el9_4 fixed

rtla

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

References

https://git.kernel.org/stable/c/38f6e5ae5d9ff4a4050ea6f7b543d5d5a4e087cf

https://git.kernel.org/stable/c/dbf1a719850577bb51fc7512a3972994b797a17b

https://git.kernel.org/stable/c/f6007dce0cd35d634d9be91ef3515a6385dcee16