PT-2023-5335 · Linux+5 · Linux Kernel+5

David Laight

·

Publicado

2023-09-05

·

Atualizado

2026-03-24

·

CVE-2023-42752

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description An integer overflow flaw was found in the Linux kernel, leading to the kernel allocating skb shared info in the userspace. This issue is exploitable in systems without SMAP protection since skb shared info contains references to function pointers. The vulnerability can be exploited locally, allowing an attacker to potentially execute code at the kernel level by manipulating network sockets in userspace. The issue can be mitigated by enabling the SMAP protection mechanism in the kernel.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALT-PU-2023-6488
ALT-PU-2023-6505
ALT-PU-2023-6565
ALT-PU-2023-7004
ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-31521
BDU:2023-05963
CVE-2023-42752
LSN-0099-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1
USN-6439-1
USN-6439-2
USN-6440-1
USN-6440-2
USN-6440-3
USN-6441-1
USN-6441-2
USN-6441-3
USN-6442-1
USN-6443-1
USN-6444-1
USN-6444-2
USN-6445-1
USN-6445-2
USN-6446-1
USN-6446-2
USN-6446-3
USN-6460-1
USN-6466-1

Produtos afetados

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Ubuntu