-
CVE-2023-53365
- EPSS 0.03%
- Veröffentlicht 17.09.2025 14:56:53
- Zuletzt bearbeitet 18.09.2025 13:43:34
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved:
ip6mr: Fix skb_under_panic in ip6mr_cache_report()
skbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4
head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg
------------[ cut here ]------------
kernel BUG at net/core/skbuff.c:192!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
Workqueue: ipv6_addrconf addrconf_dad_work
RIP: 0010:skb_panic+0x152/0x1d0
Call Trace:
<TASK>
skb_push+0xc4/0xe0
ip6mr_cache_report+0xd69/0x19b0
reg_vif_xmit+0x406/0x690
dev_hard_start_xmit+0x17e/0x6e0
__dev_queue_xmit+0x2d6a/0x3d20
vlan_dev_hard_start_xmit+0x3ab/0x5c0
dev_hard_start_xmit+0x17e/0x6e0
__dev_queue_xmit+0x2d6a/0x3d20
neigh_connected_output+0x3ed/0x570
ip6_finish_output2+0x5b5/0x1950
ip6_finish_output+0x693/0x11c0
ip6_output+0x24b/0x880
NF_HOOK.constprop.0+0xfd/0x530
ndisc_send_skb+0x9db/0x1400
ndisc_send_rs+0x12a/0x6c0
addrconf_dad_completed+0x3c9/0xea0
addrconf_dad_work+0x849/0x1420
process_one_work+0xa22/0x16e0
worker_thread+0x679/0x10c0
ret_from_fork+0x28/0x60
ret_from_fork_asm+0x11/0x20
When setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit().
reg_vif_xmit()
ip6mr_cache_report()
skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4
And skb_push declared as:
void *skb_push(struct sk_buff *skb, unsigned int len);
skb->data -= len;
//0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850
skb->data is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
a96d74d1076c82a4cef02c150d9996b21354c78d
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
Version <
8382e7ed2d63e6c2daf6881fa091526dc6c879cd
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
Version <
0438e60a00d4e335b3c36397dbf26c74b5d13ef0
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
Version <
1683124129a4263dd5bce2475bab110e95fa0346
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
Version <
1bb54a21f4d9b88442f8c3307c780e2db64417e4
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
Version <
691a09eecad97e745b9aa0e3918db46d020bdacb
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
Version <
3326c711f18d18fe6e1f5d83d3a7eab07e5a1560
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
Version <
30e0191b16e8a58e4620fa3e2839ddc7b9d4281c
Version
14fb64e1f449ef6666f1c3a3fa4e13aec669b98d
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
2.6.26
Status
affected
Version <
2.6.26
Version
0
Status
unaffected
Version <=
4.14.*
Version
4.14.322
Status
unaffected
Version <=
4.19.*
Version
4.19.291
Status
unaffected
Version <=
5.4.*
Version
5.4.253
Status
unaffected
Version <=
5.10.*
Version
5.10.190
Status
unaffected
Version <=
5.15.*
Version
5.15.126
Status
unaffected
Version <=
6.1.*
Version
6.1.45
Status
unaffected
Version <=
6.4.*
Version
6.4.10
Status
unaffected
Version <=
*
Version
6.5
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.03% | 0.078 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|