CVE-2020-12652
Description
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a double fetch vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power.
Risk Information
Base Score
4.1
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.067
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2020:14393-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.114.1.i586.rpm | Linux |
| SUSE-SU-2020:14393-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.114.1.x86_64.rpm | Linux |
| SUSE-SU-2020:14393-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.114.1.i586.rpm | Linux |
| SUSE-SU-2020:14393-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.114.1.x86_64.rpm | Linux |
| SUSE-SU-2020:14393-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.114.1.i586.rpm | Linux |
| SUSE-SU-2020:14393-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.114.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.16.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.16.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-debuginfo-4.12.14-16.16.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debuginfo-4.12.14-16.16.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-debugsource-4.12.14-16.16.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-devel-4.12.14-16.16.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-devel-azure-4.12.14-16.16.1.noarch.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-source-azure-4.12.14-16.16.1.noarch.rpm | Linux |
| SUSE-SU-2020:1587-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-syms-azure-4.12.14-16.16.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-4.12.14-6.43.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-base-4.12.14-6.43.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-base-debuginfo-4.12.14-6.43.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-debuginfo-4.12.14-6.43.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-debugsource-4.12.14-6.43.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-azure-devel-4.12.14-6.43.1.x86_64.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-devel-azure-4.12.14-6.43.1.noarch.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-source-azure-4.12.14-6.43.1.noarch.rpm | Linux |
| SUSE-SU-2020:1603-1(SUSE Linux Enterprise Server 12-SP4 ) kernel-syms-azure-4.12.14-6.43.1.x86_64.rpm | Linux |
| SUSE-SU-2020:14442-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.117.1.i586.rpm | Linux |
| SUSE-SU-2020:14442-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.117.1.x86_64.rpm | Linux |
| SUSE-SU-2020:14442-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.117.1.i586.rpm | Linux |
| SUSE-SU-2020:14442-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.117.1.x86_64.rpm | Linux |
| SUSE-SU-2020:14442-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.117.1.i586.rpm | Linux |
| SUSE-SU-2020:14442-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.117.1.x86_64.rpm | Linux |
| Kernel-uek update (ELSA-2021-9002) kernel-uek-4.1.12-124.46.3.el6uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2021-9002) kernel-uek-debug-4.1.12-124.46.3.el6uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2021-9002) kernel-uek-debug-devel-4.1.12-124.46.3.el6uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2021-9002) kernel-uek-devel-4.1.12-124.46.3.el6uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2021-9002) kernel-uek-doc-4.1.12-124.46.3.el6uek.noarch.rpm | Linux |
| Kernel-uek-firmware update (ELSA-2021-9002) kernel-uek-firmware-4.1.12-124.46.3.el6uek.noarch.rpm | Linux |
| Kernel-uek update (ELSA-2021-9002) kernel-uek-4.1.12-124.46.3.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2021-9002) kernel-uek-debug-4.1.12-124.46.3.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2021-9002) kernel-uek-debug-devel-4.1.12-124.46.3.el7uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2021-9002) kernel-uek-devel-4.1.12-124.46.3.el7uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2021-9002) kernel-uek-doc-4.1.12-124.46.3.el7uek.noarch.rpm | Linux |
| Kernel-uek-firmware update (ELSA-2021-9002) kernel-uek-firmware-4.1.12-124.46.3.el7uek.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234