PT-2023-2066 · Linux+6 · Linux Kernel+6

Published

2021-06-26

Updated

2023-11-14

CVE-2023-28772

CVSS v3.1

6.7

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.13.3

Description The issue is related to a buffer overflow in the seq buf putmem hex() function of the Linux kernel, which can lead to a denial of service. The problem is caused by the function writing beyond the boundaries of a buffer in memory.

Recommendations For Linux kernel versions prior to 5.13.3, update to version 5.13.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the seq buf putmem hex() function until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

ALSA-2023:7077

ALT-PU-2021-2277

ALT-PU-2021-2278

ALT-PU-2021-2284

ALT-PU-2021-2295

ALT-PU-2021-2299

ALT-PU-2021-2334

ALT-PU-2021-2355

ALT-PU-2021-2363

ALT-PU-2021-2365

ALT-PU-2021-2671

ALT-PU-2021-3000

ALT-PU-2021-3002

ALT-PU-2021-3007

ALT-PU-2021-3563

ALT-PU-2021-3573

ALT-PU-2022-2096

BDU:2023-01796

CESA-2023_6901

CESA-2023_7077

CVE-2023-28772

OESA-2023-1211

RHSA-2023:6901

RHSA-2023:7077

RHSA-2023_6901

RHSA-2023_7077

RHSA-2024:0724

RHSA-2024:1404

SUSE-SU-2023:1800-1

SUSE-SU-2023:1801-1

SUSE-SU-2023:1803-1

SUSE-SU-2023:1811-1

SUSE-SU-2023:1848-1

SUSE-SU-2023:1892-1

SUSE-SU-2023:1894-1

SUSE-SU-2023:2232-1

SUSE-SU-2023:2805-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2023-2066 · Linux+6 · Linux Kernel+6

CVE-2023-28772

Weakness Enumeration

Related Identifiers

Affected Products

References · 321