CVE-2023-52980
📋 TL;DR
This CVE describes an integer overflow vulnerability in the Linux kernel's ublk driver that can lead to out-of-bounds memory access. When configuring ublk devices with large queue depths (>2728), the queue_size calculation overflows, causing the kernel to reference incorrect memory locations. This affects Linux systems using the ublk driver for block device virtualization.
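The arithmetic behind the 2728 threshold, as an added example that is not the kernel's code. It assumes the per-queue size was stored in a 16-bit field, which is what a limit of 2728 implies; the 40-byte header, 24-byte per-I/O entry and all function names are constructed for illustration and chosen to reproduce the page's threshold.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed layout sizes, chosen so the wrap occurs just above depth 2728
 * as the advisory states; they are not copied from the kernel source. */
#define QUEUE_HDR_BYTES 40u   /* hypothetical per-queue header */
#define IO_ENTRY_BYTES  24u   /* hypothetical per-I/O slot */

/* Size of one queue as a 16-bit field stores it: silently truncated. */
static uint16_t queue_size_u16(unsigned depth)
{
    return (uint16_t)(QUEUE_HDR_BYTES + depth * IO_ENTRY_BYTES);
}

/* Same calculation kept in 32 bits: no truncation for the depths used here. */
static uint32_t queue_size_u32(unsigned depth)
{
    return QUEUE_HDR_BYTES + depth * IO_ENTRY_BYTES;
}

/* Byte offset of queue q_id inside one buffer that holds all queues.
 * With a truncated stride, every queue after the first is looked up at
 * the wrong offset, which is the incorrect memory reference described above. */
static uint32_t queue_offset(uint32_t stride, unsigned q_id)
{
    return stride * q_id;
}

/* Defensive check: reject a depth whose size does not fit the 16-bit field. */
static int depth_fits_u16(unsigned depth)
{
    return queue_size_u32(depth) <= UINT16_MAX;
}

int main(void)
{
    unsigned depths[] = { 2728, 2729, 4096 };   /* constructed sample depths */
    for (unsigned i = 0; i < 3; i++) {
        unsigned d = depths[i];
        printf("depth %4u: true size %u, stored %u, queue 1 at %u (should be %u), fits=%d\n",
               d, (unsigned)queue_size_u32(d), (unsigned)queue_size_u16(d),
               (unsigned)queue_offset(queue_size_u16(d), 1),
               (unsigned)queue_offset(queue_size_u32(d), 1), depth_fits_u16(d));
    }
    return 0;
}
```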
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Kernel panic, system crash, or potential privilege escalation leading to full system compromise through memory corruption.
Likely Case
System instability, kernel crashes, or denial of service when ublk devices are configured with large queue depths.
If Mitigated
No impact if ublk driver is not used or queue depths are kept below 2728.
🎯 Exploit Status
Requires local access and ability to configure ublk devices with specific parameters. Not trivial to exploit for privilege escalation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Linux kernel with commits 29baef789c838bd5c02f50c88adbbc6b955aaf61 and ee1e3fe4b4579f856997190a00ea4db0307b4332
Vendor Advisory: https://git.kernel.org/stable/c/29baef789c838bd5c02f50c88adbbc6b955aaf61
Restart Required: No
Instructions:
1. Update the Linux kernel to a version containing the fix commits.
2. For distributions: use the package manager (apt/yum/dnf) to update the kernel package.
3. Reboot to load the new kernel if not using kexec or livepatch.
🔧 Temporary Workarounds
Limit ublk queue depth
Configure ublk devices with queue depth ≤2728 to avoid triggering the overflow
# When creating ublk devices, ensure the queue depth (-d) is ≤2728
ublk add -t null -d 2728 ...
Disable ublk driver
Remove or blacklist the ublk driver if not needed
# Blacklist ublk module
echo 'blacklist ublk_drv' > /etc/modprobe.d/ublk-blacklist.conf
# Rebuild initramfs if needed
update-initramfs -u
🧯 If You Can't Patch
- Disable ublk driver module loading
- Implement strict access controls to prevent unauthorized ublk device configuration
🔍 How to Verify
Check if Vulnerable:
Check whether the ublk driver is loaded and whether any devices are configured with queue depth >2728: lsmod | grep ublk; check /sys/block/ublk*/queue_depth
Check Version:
uname -r
Verify Fix Applied:
Check kernel version includes fix commits: grep -q '29baef789c838bd5c02f50c88adbbc6b955aaf61\|ee1e3fe4b4579f856997190a00ea4db0307b4332' /proc/version_signature
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages mentioning ublk
- System crashes when configuring ublk devices
- dmesg errors related to memory corruption or out-of-bounds access
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("ublk" OR "out of bounds" OR "general protection fault")