CVE-2023-54181

EPSS 0.03%
Veröffentlicht 30.12.2025 12:08:52
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

bpf: Fix issue in verifying allow_ptr_leaks

In the Linux kernel, the following vulnerability has been resolved:

bpf: Fix issue in verifying allow_ptr_leaks

After we converted the capabilities of our networking-bpf program from
cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program
failed to start. Because it failed the bpf verifier, and the error log
is "R3 pointer comparison prohibited".

A simple reproducer as follows,

SEC("cls-ingress")
int ingress(struct __sk_buff *skb)
{
	struct iphdr *iph = (void *)(long)skb->data + sizeof(struct ethhdr);

	if ((long)(iph + 1) > (long)skb->data_end)
		return TC_ACT_STOLEN;
	return TC_ACT_OK;
}

Per discussion with Yonghong and Alexei [1], comparison of two packet
pointers is not a pointer leak. This patch fixes it.

Our local kernel is 6.1.y and we expect this fix to be backported to
6.1.y, so stable is CCed.

[1]. https://lore.kernel.org/bpf/CAADnVQ+Nmspr7Si+pxWn8zkE7hX-7s93ugwC+94aXSy4uQ9vBg@mail.gmail.com/

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

CNA 2 VulnDex Vulnerability Enrichment 11

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366

Version < c96c67991aac6401b4c6996093bccb704bb2ea4b

Status affected

Version 2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366

Version < 5927f0172d2809d8fc09c1ba667280b0387e9f73

Status affected

Version 2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366

Version < acfdc8b77016c8e648aadc283177546c88083dd3

Status affected

Version 2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366

Version < d75e30dddf73449bc2d10bb8e2f1a2c446bc67a2

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.8

Status affected

Version 0

Version < 5.8

Status unaffected

Version <= 6.1.*

Version 6.1.53

Status unaffected

Version <= 6.4.*

Version 6.4.16

Status unaffected

Version <= 6.5.*

Version 6.5.3

Status unaffected

Version <= *

Version 6.6

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/c96c67991aac6401b4c6996093bccb704bb2ea4b

https://git.kernel.org/stable/c/5927f0172d2809d8fc09c1ba667280b0387e9f73

https://git.kernel.org/stable/c/acfdc8b77016c8e648aadc283177546c88083dd3

https://git.kernel.org/stable/c/d75e30dddf73449bc2d10bb8e2f1a2c446bc67a2

https://nvd.nist.gov/vuln/detail/CVE-2023-54181

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54181

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54181

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-54181