CVE-2023-52974
- Source
- https://cve.org/CVERecord?id=CVE-2023-52974
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52974.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52974
- Downstream
- Related
- Published
- 2025-03-27T16:43:13.792Z
- Modified
- 2026-04-11T12:46:39.072723Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress
If during iscsiswtcpsessioncreate() iscsitcpr2tpoolalloc() fails, userspace could be accessing the host's ipaddress attr. If we then free the session via iscsisession_teardown() while userspace is still accessing the session we will hit a use after free bug.
Set the tcpswhost->session after we have completed session creation and can no longer fail.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52974.json" }- References
-
- https://git.kernel.org/stable/c/0aaabdb900c7415caa2006ef580322f7eac5f6b6
- https://git.kernel.org/stable/c/496af9d3682ed4c28fb734342a09e6cc0c056ea4
- https://git.kernel.org/stable/c/61e43ebfd243bcbad11be26bd921723027b77441
- https://git.kernel.org/stable/c/6abd4698f4c8a78e7bbfc421205c060c199554a0
- https://git.kernel.org/stable/c/9758ffe1c07b86aefd7ca8e40d9a461293427ca0
- https://git.kernel.org/stable/c/d4d765f4761f9e3a2d62992f825aeee593bcb6b9
- https://git.kernel.org/stable/c/f484a794e4ee2a9ce61f52a78e810ac45f3fe3b3
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52974.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52974
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda79af8a64d395bd89de8695a5ea5e1a7f01f02a8Fixed496af9d3682ed4c28fb734342a09e6cc0c056ea4Fixed6abd4698f4c8a78e7bbfc421205c060c199554a0Fixedd4d765f4761f9e3a2d62992f825aeee593bcb6b9Fixed9758ffe1c07b86aefd7ca8e40d9a461293427ca0Fixed0aaabdb900c7415caa2006ef580322f7eac5f6b6Fixed61e43ebfd243bcbad11be26bd921723027b77441Fixedf484a794e4ee2a9ce61f52a78e810ac45f3fe3b3
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.39Fixed4.14.306
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.273
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.232
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.168
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.93
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.11