Vulnerabilites related to netapp - c400_firmware
cve-2023-1077
Vulnerability from cvelistv5
Published
2023-03-27 00:00
Modified
2024-08-02 05:32
Severity ?
Summary
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.
Impacted products
Vendor Product Version
n/a Linux kernel Version: unknown
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T05:32:46.360Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97",
               },
               {
                  name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20230511-0002/",
               },
               {
                  name: "[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "unknown",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-843",
                     description: "CWE-843",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-01-11T19:06:55.294655",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97",
            },
            {
               name: "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
            },
            {
               url: "https://security.netapp.com/advisory/ntap-20230511-0002/",
            },
            {
               name: "[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update",
               tags: [
                  "mailing-list",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2023-1077",
      datePublished: "2023-03-27T00:00:00",
      dateReserved: "2023-02-27T00:00:00",
      dateUpdated: "2024-08-02T05:32:46.360Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2023-03-27 21:15
Modified
2024-11-21 07:38
Summary
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DB2C5B7-1672-40ED-9A23-6E6C8A94537F",
                     versionEndExcluding: "4.19.293",
                     versionStartIncluding: "2.6.25",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "13DD5E68-8CB4-46EE-9A8F-C7F6C1A84430",
                     versionEndExcluding: "5.4.235",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4D810CFB-B7C5-493C-B98A-0D5F0D8A47B6",
                     versionEndExcluding: "5.10.173",
                     versionStartIncluding: "5.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5B8B2AC9-2F31-4A0F-96F5-7E26B50B27BB",
                     versionEndExcluding: "5.15.99",
                     versionStartIncluding: "5.11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FD95FDA-6525-4B13-B3FB-49D9995FD8ED",
                     versionEndExcluding: "6.1.16",
                     versionStartIncluding: "5.16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "88C67289-22AD-4CA9-B202-5F5A80E5BA4B",
                     versionEndExcluding: "6.2.3",
                     versionStartIncluding: "6.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDD92BFA-9117-4E6E-A13F-ED064B4B7284",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B7DA42F-5D64-4967-A2D4-6210FE507841",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E73901F-666D-4D8B-BDFD-93DD2F70C74B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0FD5AED-42CF-4918-B32C-D675738EF15C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "34B25BEF-8708-4E2C-8BA6-EBCD5267EB04",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE0F11D2-B5D9-46B4-BFC5-C86BC87D516A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04E3BD77-8915-4FFC-8483-5DB5D610F829",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97E94ECB-BB51-4364-BEDD-8648C193196F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:c400_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AC7AD92-8B33-4137-A4EC-08641E4AF857",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:c400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD443748-B0D1-4C1A-A62E-BD5FB5967370",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
      },
   ],
   id: "CVE-2023-1077",
   lastModified: "2024-11-21T07:38:24.903",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2023-03-27T21:15:10.467",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Patch",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230511-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20230511-0002/",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-843",
            },
         ],
         source: "secalert@redhat.com",
         type: "Secondary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-843",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}