PT-2023-5669 · Linux+7 · Linux Kernel+7

Docfate111

Published

2023-07-05

Updated

2025-05-23

CVE-2023-44466

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.5

Description An issue was discovered in the Linux kernel, specifically in net/ceph/messenger v2.c, where an integer signedness error leads to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in ceph decode 32. The issue allows a remote attacker to execute arbitrary code or cause a denial of service.

Recommendations For Linux kernel versions prior to 6.4.5, update to version 6.4.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the ceph decode 32 function until a patch is available. Avoid using the ceph decode 32 function in the affected API endpoint until the issue is resolved.

Exploit

Fix

RCE

DoS

Heap Based Buffer Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-680CWE-122CWE-120

Related Identifiers

ALT-PU-2024-14046

ALT-PU-2024-6818

AZL-30056

BDU:2023-06336

CESA-2023_5244

CVE-2023-44466

GHSA-JG27-JX6W-XWPH

RHSA-2023:4789

RHSA-2023:4801

RHSA-2023:4962

RHSA-2023:5069

RHSA-2023:5244

RHSA-2023_5069

RHSA-2023_5244

USN-6416-1

USN-6416-2

USN-6416-3

USN-6445-1

USN-6445-2

USN-6464-1

USN-6466-1

USN-6520-1

Affected Products

Alt Linux

Astra Linux

Centos

Linuxmint

Linux Kernel

Red Hat

Red Os

Ubuntu

PT-2023-5669 · Linux+7 · Linux Kernel+7

CVE-2023-44466

Weakness Enumeration

Related Identifiers

Affected Products

References · 86