PT-2022-6768 · Linux+8 · Linux Kernel+8

Ziyang Xuan

·

Published

2022-10-22

·

Updated

2024-04-25

·

CVE-2023-3812

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to an out-of-bounds memory access flaw in the Linux kernel's TUN/TAP device driver functionality. This occurs when a user generates a malicious, overly large networking packet with napi frags enabled. The flaw can allow a local user to crash the system or potentially escalate their privileges, impacting the confidentiality, integrity, and availability of protected information.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Out of bounds Read

Memory Corruption

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787CWE-416

Related Identifiers

ALSA-2023:7549
ALT-PU-2023-4894
ALT-PU-2023-7439
AZL-27764
BDU:2023-04465
CESA-2023_7548
CESA-2023_7549
CESA-2023_7554
CVE-2023-3812
OESA-2023-1469
OESA-2023-1470
OESA-2023-1471
OPENSUSE-SU-2023_3171-1
OPENSUSE-SU-2023_3172-1
OPENSUSE-SU-2023_3180-1
OPENSUSE-SU-2023_3182-1
OPENSUSE-SU-2023_3302-1
OPENSUSE-SU-2023_3318-1
OPENSUSE-SU-2023_3391-1
OPENSUSE-SU-2023_3680-1
RHSA-2023:6799
RHSA-2023:6813
RHSA-2023:7370
RHSA-2023:7379
RHSA-2023:7382
RHSA-2023:7389
RHSA-2023:7411
RHSA-2023:7418
RHSA-2023:7548
RHSA-2023:7549
RHSA-2023:7554
RHSA-2023_7548
RHSA-2023_7549
RHSA-2024:0340
RHSA-2024:0378
RHSA-2024:0412
RHSA-2024:0461
RHSA-2024:0554
RHSA-2024:0562
RHSA-2024:0563
RHSA-2024:0575
RHSA-2024:0593
RHSA-2024:1961
RHSA-2024:2006
RHSA-2024:2008
RHSA-2024_0461
RLSA-2023:7548
RLSA-2023:7549
RXSA-2023:7549
SUSE-SU-2023:3171-1
SUSE-SU-2023:3172-1
SUSE-SU-2023:3180-1
SUSE-SU-2023:3182-1
SUSE-SU-2023:3302-1
SUSE-SU-2023:3318-1
SUSE-SU-2023:3390-1
SUSE-SU-2023:3391-1
SUSE-SU-2023:3421-1
SUSE-SU-2023:3601-1
SUSE-SU-2023:3680-1
SUSE-SU-2023:3681-1
SUSE-SU-2023:3705-1
SUSE-SU-2023:3748-1
SUSE-SU-2023:3749-1
SUSE-SU-2023:3768-1
SUSE-SU-2023:3772-1
SUSE-SU-2023:3783-1
SUSE-SU-2023:3786-1
SUSE-SU-2023:3788-1
SUSE-SU-2023:3809-1
SUSE-SU-2023:3811-1
SUSE-SU-2023:3812-1
SUSE-SU-2023:3838-1
SUSE-SU-2023:3844-1
SUSE-SU-2023:3846-1
SUSE-SU-2023:3889-1
SUSE-SU-2023:3892-1
SUSE-SU-2023:3893-1
SUSE-SU-2023:3928-1
SUSE-SU-2023_3171-1
SUSE-SU-2023_3172-1
SUSE-SU-2023_3180-1
SUSE-SU-2023_3182-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse