CVE-2023-3141
📋 TL;DR
A use-after-free vulnerability in the Linux kernel's r592 memory stick host driver allows local attackers to crash the system during device disconnect, potentially leaking kernel memory information. This affects Linux systems with the r592 driver loaded, typically those using memory stick devices. Attackers need local access to exploit this vulnerability.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Hci Baseboard Management Controller by Netapp
View all CVEs affecting Hci Baseboard Management Controller →
Hci Baseboard Management Controller by Netapp
View all CVEs affecting Hci Baseboard Management Controller →
Hci Baseboard Management Controller by Netapp
View all CVEs affecting Hci Baseboard Management Controller →
Hci Baseboard Management Controller by Netapp
View all CVEs affecting Hci Baseboard Management Controller →
Hci Baseboard Management Controller by Netapp
View all CVEs affecting Hci Baseboard Management Controller →
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and potential kernel memory information disclosure, which could aid further exploitation.
Likely Case
System crash or instability when disconnecting memory stick devices, requiring reboot to restore functionality.
If Mitigated
Minor system disruption requiring reboot if exploited by authenticated user.
🎯 Exploit Status
Requires local access and ability to trigger device disconnect events. No public exploit code identified in references.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel 6.3.4 and later
Vendor Advisory: https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4
Restart Required: Yes
Instructions:
1. Update Linux kernel to version 6.3.4 or later. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable r592 driver
linuxPrevent loading of vulnerable r592 memory stick host driver
echo 'blacklist r592' >> /etc/modprobe.d/blacklist.conf
rmmod r592
Restrict device access
linuxLimit access to memory stick devices to trusted users only
chmod 600 /dev/memstick*
setfacl -m u:trusteduser:rw /dev/memstick*
🧯 If You Can't Patch
- Implement strict access controls to prevent untrusted users from accessing memory stick devices
- Monitor system logs for kernel panic events related to memory stick disconnections
🔍 How to Verify
Check if Vulnerable:
Check kernel version: uname -r and compare to affected versions (<6.3.4). Check if r592 module is loaded: lsmod | grep r592Check Version:
uname -rVerify Fix Applied:
Verify kernel version is 6.3.4 or later: uname -r. Confirm r592 module functions normally with memory stick devices.📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/kern.log or dmesg
- OOM (Out of Memory) killer activity
- System crash/reboot events
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("panic" OR "Oops" OR "BUG") AND ("r592" OR "memstick")🔗 References
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7
- https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/
- https://security.netapp.com/advisory/ntap-20230706-0004/
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=63264422785021704c39b38f65a78ab9e4a186d7
- https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://lore.kernel.org/lkml/CAPDyKFoV9aZObZ5GBm0U_-UVeVkBN_rAG-kH3BKoP4EXdYM4bw%40mail.gmail.com/t/
- https://security.netapp.com/advisory/ntap-20230706-0004/
