Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-53684

Опубликовано: 07 окт. 2025
Источник: redhat
CVSS3: 4.4

Описание

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random (possibly sensitve) data and should never be given directly to user-space. This patch fixes the copying of xfrm algorithms and the encap template in xfrm_user so that padding is zeroed.

Отчет

Zeroing of structure padding was missing when dumping XFRM algorithms/encap via netlink, allowing leakage of uninitialized kernel bytes to user space. Impact is confidentiality-only and typically requires CAP_NET_ADMIN, so PR is High (PR:H).

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10kernelNot affected
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelFix deferred
Red Hat Enterprise Linux 7kernel-rtFix deferred
Red Hat Enterprise Linux 8kernelFix deferred
Red Hat Enterprise Linux 8kernel-rtFix deferred
Red Hat Enterprise Linux 9kernelFix deferred
Red Hat Enterprise Linux 9kernel-rtFix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-200
https://bugzilla.redhat.com/show_bug.cgi?id=2402272kernel: xfrm: Zero padding when dumping algos and encap

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-53684

CVSS3: 5.5
ubuntu
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random (possibly sensitve) data and should never be given directly to user-space. This patch fixes the copying of xfrm algorithms and the encap template in xfrm_user so that padding is zeroed.

nvd логотип

CVE-2023-53684

CVSS3: 5.5
nvd
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random (possibly sensitve) data and should never be given directly to user-space. This patch fixes the copying of xfrm algorithms and the encap template in xfrm_user so that padding is zeroed.

debian логотип

CVE-2023-53684

CVSS3: 5.5
debian
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: x ...

github логотип

GHSA-pmq6-ggff-fwmg

CVSS3: 5.5
github
6 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: xfrm: Zero padding when dumping algos and encap When copying data to user-space we should ensure that only valid data is copied over. Padding in structures may be filled with random (possibly sensitve) data and should never be given directly to user-space. This patch fixes the copying of xfrm algorithms and the encap template in xfrm_user so that padding is zeroed.

4.4 Medium

CVSS3