CVE-2023-54117

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to the s390/dcssblk subsystem, potentially leading to a kernel crash due to list add corruption. The issue stems from missing dax remove host() calls and incorrect error handling within the dax add host() function, introduced by commit fb08a1908cb1. This can result in stale xarray entries during device add/remove cycles. Specifically, a previously used gendisk pointer might be reused, causing xa insert() to fail and leading to an extra put device() call in the error path. Combined with existing error handling issues in dcssblk, this can cause a missing device del()/klist del(), ultimately triggering a kernel crash with list add corruption during subsequent device add/klist add operations.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.