CVE-2023-52454
Published: Feb 23, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length

If the host sends an H2CData command with an invalid DATAL, the kernel may crash in nvmet_tcp_build_pdu_iovec().

    Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
    lr : nvmet_tcp_io_work+0x6ac/0x718 [nvmet_tcp]
    Call trace:
      process_one_work+0x174/0x3c8
      worker_thread+0x2d0/0x3e8
      kthread+0x104/0x110

Fix the bug by raising a fatal error if DATAL isn't coherent with the packet size. Also, the PDU length should never exceed the MAXH2CDATA parameter which has been communicated to the host in nvmet_tcp_handle_icreq().
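The two checks the description names, written as a user-space C model; this is an added example, not the kernel patch. The 24-byte header size, the PLEN and DATAL field offsets, the 4-byte digests and every function name here are assumptions of the sketch, and the sample headers are constructed.

```c
#include <stdint.h>
#include <string.h>

#define H2C_HDR_LEN 24u  /* assumed H2CData header size: 8-byte common header + 16 */
#define DIGEST_LEN   4u  /* assumed size of each optional header/data digest */

enum h2c_verdict { H2C_OK, H2C_SHORT_PLEN, H2C_DATAL_MISMATCH, H2C_OVER_MAXH2CDATA };

/* Read/write little-endian 32-bit fields without alignment assumptions. */
static uint32_t get_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

static void put_le32(uint8_t *p, uint32_t v)
{
    for (int i = 0; i < 4; i++)
        p[i] = (uint8_t)(v >> (8 * i));
}

/* Validate DATAL before any buffer mapping is built from it. */
enum h2c_verdict h2c_check_datal(const uint8_t *hdr, int hdgst_on, int ddgst_on,
                                 uint32_t maxh2cdata)
{
    uint32_t plen  = get_le32(hdr + 4);   /* PLEN: whole PDU length (assumed offset) */
    uint32_t datal = get_le32(hdr + 16);  /* DATAL: claimed payload length (assumed offset) */
    uint32_t overhead = H2C_HDR_LEN + (hdgst_on ? DIGEST_LEN : 0) +
                        (ddgst_on ? DIGEST_LEN : 0);

    if (plen < overhead)            /* guard the subtraction below against wrap */
        return H2C_SHORT_PLEN;
    if (datal != plen - overhead)   /* DATAL not coherent with the packet size */
        return H2C_DATAL_MISMATCH;
    if (datal > maxh2cdata)         /* larger than the limit sent to the host */
        return H2C_OVER_MAXH2CDATA;
    return H2C_OK;
}

/* Build a constructed sample header and run the check on it. */
enum h2c_verdict h2c_check_sample(uint32_t plen, uint32_t datal, int hdgst_on,
                                  int ddgst_on, uint32_t maxh2cdata)
{
    uint8_t hdr[H2C_HDR_LEN];

    memset(hdr, 0, sizeof(hdr));
    put_le32(hdr + 4, plen);
    put_le32(hdr + 16, datal);
    return h2c_check_datal(hdr, hdgst_on, ddgst_on, maxh2cdata);
}
```

Any verdict other than H2C_OK corresponds to the case where the fix raises a fatal error instead of continuing to process the PDU.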
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - < ee5e7632e981673f42a50ade25e71e612e543d9d; affected 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - < f775f2621c2ac5cc3a0b3a64665dad4fb146e510; affected 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - < 4cb3cf7177ae3666be7fb27d4ad4d72a295fb02d; affected 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - < 2871aa407007f6f531fae181ad252486e022df42; affected 872d26a391da92ed8f0c0f5cb5fef428067b7f30 - < 24e05760186dc070d3db190ca61efdbce23afc88; +2 more versions |
| Linux | Linux | affected 5.0; unaffected 0 - < 5.0; unaffected 5.4.268 - <= 5.4.*; unaffected 5.10.209 - <= 5.10.*; unaffected 5.15.148 - <= 5.15.*; +4 more versions |