Home

CVE-2023-52676

Description

In the Linux kernel, the following vulnerability has been resolved:bpf: Guard stack limits against 32bit overflowThis patch promotes the arithmetic around checking stack bounds to bedone in the 64-bit domain, instead of the current 32bit. The arithmeticimplies adding together a 64-bit register with a int offset. Theregister was checked to be below 1<<29 when it was variable, but notwhen it was fixed. The offset either comes from an instruction (in whichcase it is 16 bit), from another register (in which case the callerchecked it to be below 1<<29 [1]), or from the size of an argument to akfunc (in which case it can be a u32 [2]). Between the register beinginconsistently checked to be below 1<<29, and the offset being up to anu32, it appears that we were open to overflowing the ints which werecurrently used for arithmetic.[1] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L7494-L7498[2] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L11904

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.015

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-6818-1) linux-image-6.5.0-1022-gcp_6.5.0-1022.24_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-6.5.0-1022-gcp_6.5.0-1022.24~22.04.1_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-6.5.0-41-generic_6.5.0-41.41_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-6.5.0-41-lowlatency_6.5.0-41.41.1_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-6.5.0-41-lowlatency_6.5.0-41.41.1~22.04.1_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-gcp_6.5.0.1022.24_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-gcp_6.5.0.1022.24~22.04.1_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-generic_6.5.0.41.41_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-kvm_6.5.0.41.41_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-lowlatency_6.5.0.41.41.1_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-lowlatency-hwe-22.04_6.5.0.41.41.1~22.04.1_amd64.debLinux
Linux kernel (USN-6818-1) linux-image-virtual_6.5.0.41.41_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-6.5.0-1022-azure_6.5.0-1022.23_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-6.5.0-1022-azure_6.5.0-1022.23~22.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-6.5.0-1022-azure-fde_6.5.0-1022.23_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-6.5.0-1022-azure-fde_6.5.0-1022.23~22.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-azure_6.5.0.1022.23~22.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-azure_6.5.0.1022.26_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-azure-fde_6.5.0.1022.23~22.04.1_amd64.debLinux
Linux kernel for Microsoft Azure Cloud systems (USN-6819-1) linux-image-azure-fde_6.5.0.1022.26_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-6819-2) linux-image-6.5.0-1021-aws_6.5.0-1021.21_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-6819-2) linux-image-6.5.0-1024-oracle_6.5.0-1024.24_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-6819-2) linux-image-aws_6.5.0.1021.21_amd64.debLinux
Linux kernel for Amazon Web Services (AWS) systems (USN-6819-2) linux-image-oracle_6.5.0.1024.26_amd64.debLinux
Linux kernel for OEM systems (USN-6819-3) linux-image-6.5.0-1024-oem_6.5.0-1024.25_amd64.debLinux
Linux kernel for OEM systems (USN-6819-3) linux-image-oem-22.04_6.5.0.1024.26_amd64.debLinux
Linux kernel for OEM systems (USN-6819-3) linux-image-oem-22.04a_6.5.0.1024.26_amd64.debLinux
Linux kernel for OEM systems (USN-6819-3) linux-image-oem-22.04b_6.5.0.1024.26_amd64.debLinux
Linux kernel for OEM systems (USN-6819-3) linux-image-oem-22.04c_6.5.0.1024.26_amd64.debLinux
Linux kernel for OEM systems (USN-6819-3) linux-image-oem-22.04d_6.5.0.1024.26_amd64.debLinux
Linux kernel for NVIDIA systems (USN-6818-3) linux-image-6.5.0-1021-nvidia_6.5.0-1021.22_amd64.debLinux
Linux kernel for NVIDIA systems (USN-6818-3) linux-image-nvidia-6.5_6.5.0.1021.29_amd64.debLinux
Linux kernel for NVIDIA systems (USN-6818-3) linux-image-nvidia-hwe-22.04_6.5.0.1021.29_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-6818-4) linux-image-6.5.0-41-generic_6.5.0-41.41~22.04.2_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-6818-4) linux-image-generic-hwe-22.04_6.5.0.41.41~22.04.2_amd64.debLinux
Linux hardware enablement (HWE) kernel (USN-6818-4) linux-image-virtual-hwe-22.04_6.5.0.41.41~22.04.2_amd64.debLinux
Linux kernel for Oracle Cloud systems (USN-6819-4) linux-image-6.5.0-1024-oracle_6.5.0-1024.24~22.04.1_amd64.debLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-syms-azure-6.4.0-150600.8.5.1.x86_64.rpmLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-source-azure-6.4.0-150600.8.5.4.noarch.rpmLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-devel-azure-6.4.0-150600.8.5.4.noarch.rpmLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-devel-debuginfo-6.4.0-150600.8.5.4.x86_64.rpmLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-devel-6.4.0-150600.8.5.4.x86_64.rpmLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-debugsource-6.4.0-150600.8.5.4.x86_64.rpmLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-debuginfo-6.4.0-150600.8.5.4.x86_64.rpmLinux
SUSE-SU-2024:2135-1(Public Cloud Module 15-SP6 ) kernel-azure-6.4.0-150600.8.5.4.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Legacy Module 15-SP6 ) reiserfs-kmp-default-debuginfo-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Legacy Module 15-SP6 ) reiserfs-kmp-default-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-syms-6.4.0-150600.23.7.1.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-source-6.4.0-150600.23.7.2.noarch.rpmLinux
SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-obs-build-debugsource-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-obs-build-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-macros-6.4.0-150600.23.7.2.noarch.rpmLinux
SUSE-SU-2024:2203-1(Development Tools Module 15-SP6 ) kernel-docs-6.4.0-150600.23.7.4.noarch.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-devel-6.4.0-150600.23.7.2.noarch.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-devel-debuginfo-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-devel-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-debugsource-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-debuginfo-6.4.0-150600.23.7.3.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-base-6.4.0-150600.23.7.3.150600.12.2.7.x86_64.rpmLinux
SUSE-SU-2024:2203-1(Basesystem Module 15-SP6 ) kernel-default-6.4.0-150600.23.7.3.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update rv-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update rtla-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update python3-perf-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update perf-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-uki-virt-addons-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-uki-virt-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-tools-libs-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-tools-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-modules-extra-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-modules-core-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-modules-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-headers-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-doc-5.14.0-503.11.1.el9_5.noarch.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-devel-matched-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-devel-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-uki-virt-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-modules-extra-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-modules-core-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-modules-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-devel-matched-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-devel-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-core-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-debug-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-core-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-abi-stablelists-5.14.0-503.11.1.el9_5.noarch.rpmLinux
(RHSA-2024:9315)Moderate: security update kernel-5.14.0-503.11.1.el9_5.x86_64.rpmLinux
(RHSA-2024:9315)Moderate: security update bpftool-7.4.0-503.11.1.el9_5.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234