PT-2023-1658 · Linux+8 · Linux Kernel+8

Pietro Borrello

Published

2023-01-28

Updated

2025-02-24

CVE-2023-1075

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A flaw was found in the Linux Kernel, where the tls is tx ready() function incorrectly checks for list emptiness. This can potentially lead to accessing a type-confused entry to the list head, causing the last byte of the confused field to overlap with rec->tx ready, resulting in a leak. The issue is related to the implementation of the TLS protocol in the Linux Kernel and may lead to a denial of service if exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Type Confusion

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-391CWE-843CWE-200

Related Identifiers

ALSA-2023:7077

BDU:2023-01203

CESA-2023_6901

CESA-2023_7077

CVE-2023-1075

OESA-2023-1177

OESA-2023-1178

OPENSUSE-SU-2023_2646-1

OPENSUSE-SU-2023_2871-1

RHSA-2023:6583

RHSA-2023:6901

RHSA-2023:7077

RHSA-2023_6583

RHSA-2023_6901

RHSA-2023_7077

RHSA-2024:0575

RHSA-2024:0724

SUSE-SU-2023:1608-1

SUSE-SU-2023:1609-1

SUSE-SU-2023:1710-1

SUSE-SU-2023:1800-1

SUSE-SU-2023:1811-1

SUSE-SU-2023:1892-1

SUSE-SU-2023:2646-1

SUSE-SU-2023:2809-1

SUSE-SU-2023:2871-1

USN-5978-1

USN-6079-1

USN-6080-1

USN-6085-1

USN-6090-1

USN-6091-1

USN-6094-1

USN-6096-1

USN-6109-1

USN-6118-1

USN-6132-1

USN-6133-1

USN-6134-1

USN-6222-1

USN-6256-1

USN-6385-1

Affected Products

Almalinux

Astra Linux

Centos

Debian

Linux Kernel

Linuxmint

Red Hat

Suse

Ubuntu

PT-2023-1658 · Linux+8 · Linux Kernel+8

CVE-2023-1075

Weakness Enumeration

Related Identifiers

Affected Products

References · 857