CVE-2023-52735
Severity CVSS v4.0:
Pending analysis
Type:
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Publication date:
21/05/2024
Last modified:
02/04/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
bpf, sockmap: Don&#39;t let sock_map_{close,destroy,unhash} call itself<br />
<br />
sock_map proto callbacks should never call themselves by design. Protect<br />
against bugs like [1] and break out of the recursive loop to avoid a stack<br />
overflow in favor of a resource leak.<br />
<br />
[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/
Impact
Base Score 3.x
9.10
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.15.95 (excluding) | |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 6.1.13 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/5b4a79ba65a1ab479903fff2e604865d229b70a9
- https://git.kernel.org/stable/c/7499859881488da97589f3c79cc66fa75748ad49
- https://git.kernel.org/stable/c/f312367f5246e04df564d341044286e9e37a97ba
- https://git.kernel.org/stable/c/5b4a79ba65a1ab479903fff2e604865d229b70a9
- https://git.kernel.org/stable/c/7499859881488da97589f3c79cc66fa75748ad49
- https://git.kernel.org/stable/c/f312367f5246e04df564d341044286e9e37a97ba