{ "threat_severity" : "Moderate", "public_date" : "2025-12-30T00:00:00Z", "bugzilla" : { "description" : "kernel: dm flakey: don't corrupt the zero page", "id" : "2426017", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2426017" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-909", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ndm flakey: don't corrupt the zero page\nWhen we need to zero some range on a block device, the function\n__blkdev_issue_zero_pages submits a write bio with the bio vector pointing\nto the zero page. If we use dm-flakey with corrupt bio writes option, it\nwill corrupt the content of the zero page which results in crashes of\nvarious userspace programs. Glibc assumes that memory returned by mmap is\nzeroed and it uses it for calloc implementation; if the newly mapped\nmemory is not zeroed, calloc will return non-zeroed memory.\nFix this bug by testing if the page is equal to ZERO_PAGE(0) and\navoiding the corruption in this case.", "A flaw was found in the Linux kernel's dm-flakey device mapper target. When the corrupt bio writes option is enabled, dm-flakey can corrupt the kernel's global zero page. Since the zero page is shared system-wide and used by glibc's calloc() implementation via mmap, corrupting it causes userspace programs to receive non-zeroed memory from calloc(), leading to widespread application crashes and unpredictable behavior." ], "statement" : "The dm-flakey target is a testing and debugging tool designed to simulate unreliable storage devices. While corrupting the zero page has severe system-wide consequences, dm-flakey requires root privileges to configure and is not typically used in production environments. The impact is limited to systems actively using dm-flakey with corrupt bio writes enabled.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2023-11-14T00:00:00Z", "advisory" : "RHSA-2023:7077", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-513.5.1.el8_9" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-54317\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-54317\nhttps://lore.kernel.org/linux-cve-announce/2025123037-CVE-2023-54317-4750@gregkh/T" ], "name" : "CVE-2023-54317", "csaw" : false }