CVE-2023-0122: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-0122 is a NULL pointer dereference vulnerability discovered in the Linux kernel NVMe functionality, specifically in the nvmet_setup_auth() function. The vulnerability was present in Linux kernel versions v6.0-rc1 to v6.0-rc3 and was fixed in v6.0-rc4. This security flaw affects the authentication feature of the NVMe target subsystem (Ubuntu, NVD).

The vulnerability stems from a missing goto statement in the nvmet_setup_auth() function within drivers/nvme/target/auth.c. When nvme_auth_extract_key() fails, it leads to a NULL pointer dereference, causing a kernel oops. The issue has been assigned a CVSS 3.1 score of 7.5 (High) with a vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (NetApp Security, Kernel Commit).

When successfully exploited, this vulnerability allows an attacker to perform a Pre-Auth Denial of Service (DoS) attack on a remote machine. Since the vulnerability occurs in the authentication feature, it can be triggered by an unauthorized client during the pre-authentication stage (Ubuntu).

The vulnerability was fixed in Linux kernel version v6.0-rc4 through the addition of a missing goto statement in the nvmet_setup_auth() function. The fix was implemented through a patch that adds the necessary goto out_free_hash statement when the ctrl_key extraction fails (Kernel Commit).

The vulnerability generated discussion within the security community, particularly regarding the practice of assigning CVEs to issues found and fixed in development kernel releases. Red Hat was identified as the CVE assigner for this vulnerability (Openwall).