Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-52846

Опубликовано: 21 мая 2024
Источник: debian

Описание

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to fix bug by using the returned value.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed6.6.8-1package
linuxfixed6.1.64-1bookwormpackage
linuxfixed5.10.205-1bullseyepackage
linuxnot-affectedbusterpackage

Примечания

  • https://git.kernel.org/linus/876f8ab52363f649bcc74072157dfd7adfbabc0d (6.7-rc1)

Связанные уязвимости

ubuntu логотип

CVE-2023-52846

CVSS3: 7.8
ubuntu
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to fix bug by using the returned value.

redhat логотип

CVE-2023-52846

CVSS3: 5.5
redhat
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to fix bug by using the returned value.

nvd логотип

CVE-2023-52846

CVSS3: 7.8
nvd
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to fix bug by using the returned value.

github логотип

GHSA-g3g2-rm55-27fj

CVSS3: 7.8
github
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees the skb and returns NULL. Meanwhile on the success path, it returns the original skb. So it's straight forward to fix bug by using the returned value.

fstec логотип

BDU:2024-10207

CVSS3: 8.8
fstec
больше 2 лет назад

Уязвимость компонента hsr ядра операционной системы Linux, позволяющая нарушителю повысить привилегии в системе