search

witchcraze / NVD_CHECK

1 stars 0 forks source link

CHK NVD : CVE-2023-39191 - 6e454e42 #4425

Open witchcraze opened 1 month ago

witchcraze commented 1 month ago

[CVE Configuration Update Request] Update Suggestion - CVE-2023-39191 - Cvss3 : 8.2

https://www.linuxkernelcves.com/cves/CVE-2023-39191 https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2023-39191.yml https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2023-39191.json

- CVE-2023-39191
- Suggested Configuration
  - OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2.0 up to (excluding) 6.2.3
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.3.0 up to (excluding) 6.3
- Reference
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.2.3
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.3
- Reference (Commit)
  - bpf: Fix partial dynptr stack slot reads/writes
    - Fixed by
      - 6.2.3 (c33007812a55612d9b2a7b85c8d04cefeeaf0d21)
      - 6.3 (ef8fc7a07c0e161841779d6fe3f6acd5a05c547c) (upstream)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Fix missing var_off check for ARG_PTR_TO_DYNPTR
    - Fixed by
      - 6.2.3 (489b67f268ae0270a6c3f2b49144aeeb8eee301a)
      - 6.3 (79168a669d8125453c8a271115f1ffd4294e61f6) (upstream)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Fix state pruning for STACK_DYNPTR stack slots
    - Fixed by
      - 6.2.3 (720d2504791a93becde81c335abcea2f42d066a7)
      - 6.3 (d6fefa1105dacc8a742cdcf2f4bfb501c9e61349) (upstream)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Avoid recomputing spi in process_dynptr_func
    - Fixed by
      - 6.3 (1ee72bcbe48de6dcfa44d6eba0aec6e42d04cd4d)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Combine dynptr_get_spi and is_spi_bounds_valid
    - Fixed by
      - 6.3 (f5b625e5f8bbc6be8bb568a64d7906b091bc7cb0)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Allow reinitializing unreferenced dynptr stack slots
    - Fixed by
      - 6.3 (379d4ba831cfa895d0cc61d88cd0e1402f35818c)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Invalidate slices on destruction of dynptrs on stack
    - Fixed by
      - 6.3 (f8064ab90d6644bc8338d2d7ff6a0d6e7a1b2ef3)
    - Will be introduced by
      - 5.19 (97e03f521050)
- I Checked
  - XXXXXXXXXXXXXXXXXXXXXXXXXXXX is written as upstream commit in each ChangeLog
  - From XXXXXXXX commit page, XXXXXXXXXXX is the most oldest in commit-branches area
  - For 3.16.35, there is related post at lkml
  - For 3.16 series, 3.16.35 is the next release from 3.16.7 which was released at 2014
  - https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/
  - XXXX
https://nvd.nist.gov/vuln/detail/CVE-2023-39191 URI Start(Ex) Start(Inc) End(Ex) End(Inc)
cpe:/o:redhat:enterprise_linux:9.0
cpe:/o:linux:linux_kernel 6.3
cpe:/o:fedoraproject:fedora:38
witchcraze commented 1 month ago 
- CVE-2023-39191
- Suggested Configuration
  - OR
     *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.19  up to (excluding) 6.3
- Reference
  - https://ubuntu.com/security/CVE-2023-39191
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.2.3
  - https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.3
  - Introduce
    - https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.19
- Reference (Commit)
  - bpf: Fix partial dynptr stack slot reads/writes
    - Fixed by
      - 6.2.3 (c33007812a55612d9b2a7b85c8d04cefeeaf0d21)
      - 6.3 (ef8fc7a07c0e161841779d6fe3f6acd5a05c547c) (upstream)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Fix missing var_off check for ARG_PTR_TO_DYNPTR
    - Fixed by
      - 6.2.3 (489b67f268ae0270a6c3f2b49144aeeb8eee301a)
      - 6.3 (79168a669d8125453c8a271115f1ffd4294e61f6) (upstream)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Fix state pruning for STACK_DYNPTR stack slots
    - Fixed by
      - 6.2.3 (720d2504791a93becde81c335abcea2f42d066a7)
      - 6.3 (d6fefa1105dacc8a742cdcf2f4bfb501c9e61349) (upstream)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Avoid recomputing spi in process_dynptr_func
    - Fixed by
      - 6.3 (1ee72bcbe48de6dcfa44d6eba0aec6e42d04cd4d)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Combine dynptr_get_spi and is_spi_bounds_valid
    - Fixed by
      - 6.3 (f5b625e5f8bbc6be8bb568a64d7906b091bc7cb0)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Allow reinitializing unreferenced dynptr stack slots
    - Fixed by
      - 6.3 (379d4ba831cfa895d0cc61d88cd0e1402f35818c)
    - Will be introduced by
      - 5.19 (97e03f521050)
  - bpf: Invalidate slices on destruction of dynptrs on stack
    - Fixed by
      - 6.3 (f8064ab90d6644bc8338d2d7ff6a0d6e7a1b2ef3)
    - Will be introduced by
      - 5.19 (97e03f521050)
- I Checked
  - From Ubuntu page
    - Introduced by 97e03f521050c092919591e668107b3d69c5f426 Fixed by d6fefa1105dacc8a742cdcf2f4bfb501c9e61349
    - Introduced by 97e03f521050c092919591e668107b3d69c5f426 Fixed by 79168a669d8125453c8a271115f1ffd4294e61f6
    - Introduced by 97e03f521050c092919591e668107b3d69c5f426 Fixed by ef8fc7a07c0e161841779d6fe3f6acd5a05c547c
    - Introduced by 97e03f521050c092919591e668107b3d69c5f426 Fixed by f8064ab90d6644bc8338d2d7ff6a0d6e7a1b2ef3
    - Introduced by 97e03f521050c092919591e668107b3d69c5f426 Fixed by 379d4ba831cfa895d0cc61d88cd0e1402f35818c
    - Introduced by 97e03f521050c092919591e668107b3d69c5f426 Fixed by f5b625e5f8bbc6be8bb568a64d7906b091bc7cb0
    - Introduced by 97e03f521050c092919591e668107b3d69c5f426 Fixed by 1ee72bcbe48de6dcfa44d6eba0aec6e42d04cd4d
  - Each fix commit is written in ChangeLog-6.3
  - 97e03f521050c092919591e668107b3d69c5f426 is written in ChangeLog-5.19