Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-53372

Опубликовано: 18 сент. 2025
Источник: nvd
CVSS3: 7.8
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

sctp: fix a potential overflow in sctp_ifwdtsn_skip

Currently, when traversing ifwdtsn skips with _sctp_walk_ifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be < sizeof(struct sctp_ifwdtsn_skip), and dereference it as struct sctp_ifwdtsn_skip may cause coverflow.

This patch fixes it by checking the pos against "the end of the chunk - sizeof(struct sctp_ifwdtsn_skip)" in sctp_ifwdtsn_skip, similar to sctp_fwdtsn_skip.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.16 (включая) до 4.19.281 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 4.20 (включая) до 5.4.241 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.5 (включая) до 5.10.178 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.11 (включая) до 5.15.108 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.16 (включая) до 6.1.25 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 6.2 (включая) до 6.2.12 (исключая)
cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.3:rc6:*:*:*:*:*:*

EPSS

Процентиль: 6%
0.00023
Низкий

7.8 High

CVSS3

Дефекты

CWE-787
CWE-787

Связанные уязвимости

ubuntu логотип

CVE-2023-53372

CVSS3: 7.8
ubuntu
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctp_ifwdtsn_skip Currently, when traversing ifwdtsn skips with _sctp_walk_ifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be < sizeof(struct sctp_ifwdtsn_skip), and dereference it as struct sctp_ifwdtsn_skip may cause coverflow. This patch fixes it by checking the pos against "the end of the chunk - sizeof(struct sctp_ifwdtsn_skip)" in sctp_ifwdtsn_skip, similar to sctp_fwdtsn_skip.

redhat логотип

CVE-2023-53372

CVSS3: 5.5
redhat
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctp_ifwdtsn_skip Currently, when traversing ifwdtsn skips with _sctp_walk_ifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be < sizeof(struct sctp_ifwdtsn_skip), and dereference it as struct sctp_ifwdtsn_skip may cause coverflow. This patch fixes it by checking the pos against "the end of the chunk - sizeof(struct sctp_ifwdtsn_skip)" in sctp_ifwdtsn_skip, similar to sctp_fwdtsn_skip.

debian логотип

CVE-2023-53372

CVSS3: 7.8
debian
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: s ...

github логотип

GHSA-5p9g-wpq2-jmm7

CVSS3: 7.8
github
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctp_ifwdtsn_skip Currently, when traversing ifwdtsn skips with _sctp_walk_ifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be < sizeof(struct sctp_ifwdtsn_skip), and dereference it as struct sctp_ifwdtsn_skip may cause coverflow. This patch fixes it by checking the pos against "the end of the chunk - sizeof(struct sctp_ifwdtsn_skip)" in sctp_ifwdtsn_skip, similar to sctp_fwdtsn_skip.

EPSS

Процентиль: 6%
0.00023
Низкий

7.8 High

CVSS3

Дефекты

CWE-787
CWE-787