PT-2023-5747 · Linux+9 · Linux Kernel+9

Kyle Zeng

·

Published

2023-09-13

·

Updated

2024-12-19

·

CVE-2023-42754

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling ip options compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP NET ADMIN privileges to crash the system.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2023-6854
ALT-PU-2023-7004
ALT-PU-2023-7787
ALT-PU-2023-7838
ALT-PU-2024-14046
ALT-PU-2024-6818
AZL-31271
BDU:2023-06420
CESA-2024_2950
CESA-2024_3138
CVE-2023-42754
DLA-3710-1
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
MGASA-2023-0295
MGASA-2023-0296
OESA-2023-1764
OESA-2023-1765
OESA-2023-1781
OESA-2023-1782
OESA-2023-1783
OPENSUSE-SU-2023_4035-1
OPENSUSE-SU-2023_4057-1
OPENSUSE-SU-2023_4058-1
OPENSUSE-SU-2023_4071-1
OPENSUSE-SU-2023_4072-1
OPENSUSE-SU-2023_4072-2
OPENSUSE-SU-2023_4347-1
OPENSUSE-SU-2023_4348-1
OPENSUSE-SU-2024:13305-1
OPENSUSE-SU-2024:13704-1
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2023:4031-1
SUSE-SU-2023:4032-1
SUSE-SU-2023:4033-1
SUSE-SU-2023:4035-1
SUSE-SU-2023:4057-1
SUSE-SU-2023:4058-1
SUSE-SU-2023:4071-1
SUSE-SU-2023:4072-1
SUSE-SU-2023:4072-2
SUSE-SU-2023:4093-1
SUSE-SU-2023:4347-1
SUSE-SU-2023:4348-1
SUSE-SU-2023:4358-1
SUSE-SU-2023:4377-1
USN-6461-1
USN-6494-1
USN-6494-2
USN-6532-1
USN-6534-1
USN-6534-2
USN-6534-3
USN-6536-1
USN-6537-1
USN-6548-1
USN-6548-2
USN-6548-3
USN-6548-4
USN-6548-5
USN-6549-1
USN-6549-2
USN-6549-3
USN-6549-4
USN-6549-5
USN-6573-1
USN-6635-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Rocky Linux
Suse
Ubuntu