PT-2023-1165 · Linux+8 · Linux Kernel+8

Kyle Zeng

·

Published

2023-01-01

·

Updated

2025-03-20

·

CVE-2023-23454

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 6.1.4
Description The issue is related to the cbq classify function in the Linux kernel, which can cause a denial of service due to type confusion. This confusion occurs because non-negative numbers can sometimes indicate a TC ACT SHOT condition rather than valid classification results, leading to a slab-out-of-bounds read. The problem is associated with incorrect type determination in the packet prioritization subsystem.
Recommendations For Linux kernel versions through 6.1.4, update to a version that contains a fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Type Confusion

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-843CWE-136

Related Identifiers

ALSA-2023:2736
ALSA-2023:2951
ALT-PU-2023-1064
ALT-PU-2023-1126
ALT-PU-2023-1684
ALT-PU-2023-1741
ALT-PU-2023-1814
ALT-PU-2023-4894
ALT-PU-2024-4263
ALT-PU-2024-4843
AZL-13006
AZL-13049
BDU:2023-00379
CESA-2023_2736
CESA-2023_2951
CVE-2023-23454
DLA-3349-1
DLA-3403-1
DSA-5324-1
MGASA-2023-0007
MGASA-2023-0008
OESA-2023-1071
OESA-2023-1072
OESA-2023-1073
OESA-2023-1074
OPENSUSE-SU-2023_0152-1
OPENSUSE-SU-2023_0410-1
OPENSUSE-SU-2023_0433-1
OPENSUSE-SU-2023_0488-1
OPENSUSE-SU-2023_0774-1
RHSA-2023:2736
RHSA-2023:2951
RHSA-2023_2736
RHSA-2023_2951
RHSA-2024:0412
SUSE-SU-2023:0145-1
SUSE-SU-2023:0152-1
SUSE-SU-2023:0406-1
SUSE-SU-2023:0407-1
SUSE-SU-2023:0410-1
SUSE-SU-2023:0420-1
SUSE-SU-2023:0433-1
SUSE-SU-2023:0485-1
SUSE-SU-2023:0488-1
SUSE-SU-2023:0591-1
SUSE-SU-2023:0618-1
SUSE-SU-2023:0774-1
SUSE-SU-2023:1608-1
SUSE-SU-2023:1801-1
SUSE-SU-2023:1803-1
SUSE-SU-2023:1848-1
SUSE-SU-2023:2232-1
SUSE-SU-2023:2367-1
SUSE-SU-2023:2368-1
SUSE-SU-2023:2369-1
SUSE-SU-2023:2371-1
SUSE-SU-2023:2376-1
SUSE-SU-2023:2384-1
SUSE-SU-2023:2385-1
SUSE-SU-2023:2386-1
SUSE-SU-2023:2389-1
SUSE-SU-2023:2399-1
SUSE-SU-2023:2401-1
SUSE-SU-2023:2405-1
SUSE-SU-2023:2413-1
SUSE-SU-2023:2420-1
SUSE-SU-2023:2422-1
SUSE-SU-2023:2423-1
SUSE-SU-2023:2425-1
SUSE-SU-2023:2428-1
SUSE-SU-2023:2429-1
SUSE-SU-2023:2431-1
SUSE-SU-2023:2442-1
SUSE-SU-2023:2443-1
SUSE-SU-2023:2448-1
SUSE-SU-2023:2450-1
SUSE-SU-2023:2453-1
SUSE-SU-2023:2455-1
SUSE-SU-2023:2459-1
SUSE-SU-2023:2468-1
SUSE-SU-2023:2506-1
SUSE-SU-2023:2805-1
SUSE-SU-2023:2809-1
SUSE-SU-2023:4030-1
SUSE-SU-2023:4095-1
USN-5915-1
USN-5917-1
USN-5934-1
USN-5939-1
USN-5940-1
USN-5951-1
USN-5982-1
USN-5987-1
USN-6000-1
USN-6004-1
USN-6079-1
USN-6091-1
USN-6096-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu