CVE-2023-53782
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
dccp: Fix out of bounds access in DCCP error handler
There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the first 8 bytes of the DCCP header. Actually, they also look at the DCCP sequence number, which is stored beyond 8 bytes, so an explicit pskb_may_pull() is required.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < 3533e10272555c422a7d51ebc0ce8c483429f7f2 | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < 177212bf6dc1ff2d13d0409cddc5c9e81feec63d | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < 7a7dd70cb954d3efa706a429687ded88c02496fa | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < 4b8a938e329ae4eb54b73b0c87b5170607b038a8 | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < 6ecf09699eb1554299aa1e7fd13e9e80f656c2f9 | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < f8a7f10a1dccf9868ff09342a73dce27501b86df | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < d8171411a661253e6271fa10b65b46daf1b6471c | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < ec620c34f5fa5d055f9f6136a387755db6157712 | affected |
| Linux | Linux | 6706a97fec963d6cb3f7fc2978ec1427b4651214 < 977ad86c2a1bcaf58f01ab98df5cc145083c489c | affected |
| Linux | Linux | 96106a207ae972d8f9e4815e84c159f29e4bbee7 | affected |
| Linux | Linux | 261def571d19d3b4e2228643c5c0ac89f5e10d15 | affected |
| Linux | Linux | dbf1719c65fb0368a94d15767c669e47e295a073 | affected |
| Linux | Linux | 46b1ffd4738a3ee04b2e8f5a4b8cfc39e9c722a2 | affected |
| Linux | Linux | a2df29ed840f90e459a3f8ff029b216be3912731 | affected |
| Linux | Linux | ba93cf7d2118774c0b2dcfccc8ae999427815caa | affected |
| Linux | Linux | 4ca7e66fcce02459fa6961979f9fe30ae1098cf0 | affected |
| Linux | Linux | bd380617d5d161ea2bbe7a8073b3ca7bca0381e5 | affected |
| Linux | Linux | bfe7d1dee859cad6802f8e21a0a863f408114612 | affected |
| Linux | Linux | 968953df833c61fce5adcc0612efeaced24e5719 | affected |
| Linux | Linux | 99131760a8851e6e5b2c9b24d0a68a3068923a08 | affected |
| Linux | Linux | 84d9c612bb7a9e44c6bf286bedfbe72a6d2d71d4 | affected |
| Linux | Linux | 3.2.87 < 3.3 | affected |
| Linux | Linux | 3.10.105 < 3.11 | affected |
| Linux | Linux | 3.12.68 < 3.13 | affected |
| Linux | Linux | 3.16.42 < 3.17 | affected |
| Linux | Linux | 4.4.34 < 4.5 | affected |
| Linux | Linux | 4.8.10 < 4.9 | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 4.14.326 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.295 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.257 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.195 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.132 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.53 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.16 <= 6.4.* | unaffected |
| Linux | Linux | 6.5.3 <= 6.5.* | unaffected |
| Linux | Linux | 6.6 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/3533e10272555c422a7d51ebc0ce8c483429f7f2
- https://git.kernel.org/stable/c/177212bf6dc1ff2d13d0409cddc5c9e81feec63d
- https://git.kernel.org/stable/c/7a7dd70cb954d3efa706a429687ded88c02496fa
- https://git.kernel.org/stable/c/4b8a938e329ae4eb54b73b0c87b5170607b038a8
- https://git.kernel.org/stable/c/6ecf09699eb1554299aa1e7fd13e9e80f656c2f9
- https://git.kernel.org/stable/c/f8a7f10a1dccf9868ff09342a73dce27501b86df
- https://git.kernel.org/stable/c/d8171411a661253e6271fa10b65b46daf1b6471c
- https://git.kernel.org/stable/c/ec620c34f5fa5d055f9f6136a387755db6157712
- https://git.kernel.org/stable/c/977ad86c2a1bcaf58f01ab98df5cc145083c489c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.