PT-2023-5513 · Linux · Linux Kernel

Kyle Zeng · Published 2023-02-16 · Updated 2024-11-21 · CVE-2023-42755

CVSS v3.1: 6.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 4.14.326
Linux kernel versions prior to 4.19.295
Linux kernel versions prior to 5.4.257
Linux kernel versions prior to 5.10.197
Linux kernel versions prior to 5.15.133
Linux kernel versions prior to 6.1.55
Linux kernel versions prior to 6.3

Description

A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the rsvp classify function. This issue may allow a local user to crash the system and cause a denial of service.

Recommendations

For Linux kernel versions prior to 4.14.326, update to version 4.14.326 or later.
For Linux kernel versions prior to 4.19.295, update to version 4.19.295 or later.
For Linux kernel versions prior to 5.4.257, update to version 5.4.257 or later.
For Linux kernel versions prior to 5.10.197, update to version 5.10.197 or later.
For Linux kernel versions prior to 5.15.133, update to version 5.15.133 or later.
For Linux kernel versions prior to 6.1.55, update to version 6.1.55 or later.
For Linux kernel versions prior to 6.3, update to version 6.3 or later.

Exploit · Fix · DoS · Out of bounds Read · Buffer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-31269
BDU:2023-06161
CESA-2024_2950
CESA-2024_3138
CVE-2023-42755
DLA-3623-1
DLA-3710-1
INFSA-2024_2950
INFSA-2024_3138
OESA-2023-1741
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2024:1979-1
SUSE-SU-2024:1983-1
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2184-1
SUSE-SU-2024:2190-1
USN-6439-1
USN-6439-2
USN-6440-1
USN-6440-2
USN-6440-3
USN-6441-1
USN-6441-2
USN-6441-3
USN-6442-1
USN-6443-1
USN-6444-1
USN-6444-2
USN-6445-1
USN-6445-2
USN-6446-1
USN-6446-2
USN-6446-3
USN-6460-1
USN-6466-1
ZDI-24-591

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu