CVE-2023-40791: 
CBL Mariner vulnerability analysis and mitigation

A vulnerability was discovered in the Linux kernel's extractusertosg function in lib/scatterlist.c before version 6.4.12. The vulnerability is identified as CVE-2023-40791 and was disclosed in October 2023. The issue occurs when the function fails to unpin pages in certain situations, which can be demonstrated by a WARNING for trygrab_page (Kernel Changelog, NIST NVD).

The vulnerability stems from incorrect error handling in extractitertosg(). When handling IOVEC/UBUF sources, pages need to be unpinned rather than put in extractusertosg(). This issue manifests as a failure to properly manage page references, which can trigger kernel warnings. The vulnerability has been assigned a CVSS v3.1 base score of 6.3 (Medium) by NIST NVD, indicating moderate severity (NIST NVD).

The successful exploitation of this vulnerability could lead to addition or modification of data or result in a Denial of Service (DoS) condition. According to NetApp's security advisory, the vulnerability has been rated with a CVSS score of 9.1 (Critical) in their environment (NetApp Advisory).

The vulnerability has been fixed in Linux kernel version 6.4.12. The fix involves modifying the error handling in extractiterto_sg() to properly unpin pages instead of putting them when handling IOVEC/UBUF sources. For affected systems, upgrading to kernel version 6.4.12 or later is recommended (Kernel Patch).

Various vendors have responded to this vulnerability. NetApp has issued an advisory for their affected products, including NetApp HCI Baseboard Management Controller and SolidFire & HCI Storage Node systems. They have provided detailed information about affected and unaffected products, along with remediation guidance (NetApp Advisory).