-

CVE-2023-53516

In the Linux kernel, the following vulnerability has been resolved:

macvlan: add forgotten nla_policy for IFLA_MACVLAN_BC_CUTOFF

The previous commit 954d1fa1ac93 ("macvlan: Add netlink attribute for
broadcast cutoff") added one additional attribute named
IFLA_MACVLAN_BC_CUTOFF to allow broadcast cutfoff.

However, it forgot to describe the nla_policy at macvlan_policy
(drivers/net/macvlan.c). Hence, this suppose NLA_S32 (4 bytes) integer
can be faked as empty (0 bytes) by a malicious user, which could leads
to OOB in heap just like CVE-2023-3773.

To fix it, this commit just completes the nla_policy description for
IFLA_MACVLAN_BC_CUTOFF. This enforces the length check and avoids the
potential OOB read.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
Produkt Linux
Default Statusunaffected
Version < 79f44709aa7a744fbfbadd4aef678443290c6991
Version 954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Status affected
Version < 55cef78c244d0d076f5a75a35530ca63c92f4426
Version 954d1fa1ac93aa8a66f7d9a9ba545cf7f020d348
Status affected
HerstellerLinux
Produkt Linux
Default Statusaffected
Version 6.4
Status affected
Version < 6.4
Version 0
Status unaffected
Version <= 6.4.*
Version 6.4.8
Status unaffected
Version <= *
Version 6.5
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.03% 0.069
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String