Security tracker / CVE-2023-53111

CVE-2023-53111

loop: Fix use-after-free issues

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in c74d40e8b5e2 ("loop: charge i/o to mem and blk cg")
 carnil> bc07c10a3603 ("block: loop: support DIO & AIO"). Vulnerable versions: 4.4.

Bugs

Status

Branch	Status
upstream	released (6.3-rc3) [9b0cb770f5d7b1ff40bea7ca385438ee94570eec]
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.14-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.6-upstream-stable	N/A "Fixed before branching point"
6.1-upstream-stable	released (6.1.21) [e3fda704903f6d1fc351412f1bc6620333959ada]
5.10-upstream-stable	needed
sid	released (6.1.25-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	N/A "Fixed before branching point"
5.10-bullseye-security	needed