Security tracker / CVE-2023-53510

CVE-2023-53510

scsi: ufs: core: Fix handling of lrbp->cmd

References

• Debian security tracker
• cve.org

Notes

 carnil> Introduced in 5a0b0cb9bee7 ("[SCSI] ufs: Add support for sending NOP OUT
 carnil> UPIU"). Vulnerable versions: 3.12.

Bugs

Status

Branch	Status
upstream	released (6.5-rc1) [549e91a9bbaa0ee480f59357868421a61d369770]
7.0-upstream-stable	N/A "Fixed before branching point"
6.19-upstream-stable	N/A "Fixed before branching point"
6.18-upstream-stable	N/A "Fixed before branching point"
6.17-upstream-stable	N/A "Fixed before branching point"
6.16-upstream-stable	N/A "Fixed before branching point"
6.12-upstream-stable	N/A "Fixed before branching point"
6.6-upstream-stable	N/A "Fixed before branching point"
6.1-upstream-stable	released (6.1.167) [b6d76d63c6d21d5d26c301a46853a2aee72397d5]
5.10-upstream-stable	needed
sid	released (6.4.4-1)
6.12-trixie-security	N/A "Fixed before branching point"
6.1-bookworm-security	released (6.1.170-1)
5.10-bullseye-security	needed