PT-2023-6288 · Linux+9 · Linux Kernel+9
Manfred Rudigier · Published 2023-08-24 · Updated 2025-02-05 · CVE-2023-45871
CVSS v3.1: 7.5 High
Vector: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.5.3
Description
An issue was discovered in the IGB driver in the Linux kernel. A buffer size may not be adequate for frames larger than the MTU, which could lead to a buffer overflow. This issue is related to the igb_set_rx_buffer_len() function in the drivers/net/ethernet/intel/igb/igb_main.c module. Exploitation of this issue may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.
Recommendations
For Linux kernel versions prior to 6.5.3, update to version 6.5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable igb_main.c module to minimize the risk of exploitation. Avoid using frames larger than the MTU in the affected IGB driver until the issue is resolved.
Fix
DoS
Out of bounds Read
Memory Corruption
Buffer Overflow
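To apply the recommendation above across a fleet, the following added example (not part of the advisory and not vendor code) reports whether a host has interfaces bound to the igb driver and whether its kernel release sorts before 6.5.3. The function names and the --check flag are this script's own, and it assumes a sort that supports -V.

```bash
#!/usr/bin/env bash
# Added triage example, not part of the advisory. Function names and the
# --check flag are this script's own. Needs a sort with -V (GNU coreutils).

FIXED_VERSION="6.5.3"   # fixed upstream release named in the advisory

# Strip a distro/build suffix: "6.1.0-13-amd64" -> "6.1.0".
kernel_base() {
    printf '%s\n' "${1%%[-+_]*}"
}

# Succeed only if version $1 sorts strictly before version $2.
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Print "iface mtu" for every interface under sysfs root $1 bound to igb.
igb_interfaces() {
    for dev in "${1:-/sys}"/class/net/*; do
        [ -L "$dev/device/driver" ] || continue   # virtual NICs have none
        drv="$(basename "$(readlink "$dev/device/driver")")"
        [ "$drv" = "igb" ] || continue
        printf '%s %s\n' "$(basename "$dev")" "$(cat "$dev/mtu" 2>/dev/null)"
    done
}

# Args: kernel release string, sysfs root. Returns 1 when review is needed.
check_host() {
    nics="$(igb_interfaces "${2:-/sys}")"
    if [ -z "$nics" ]; then
        echo "not-applicable: no interface is bound to igb"
        return 0
    fi
    if version_lt "$(kernel_base "$1")" "$FIXED_VERSION"; then
        echo "review: kernel $1 predates $FIXED_VERSION; igb interfaces:"
        echo "$nics"
        return 1
    fi
    echo "ok: kernel $1 is at or past $FIXED_VERSION"
}

# Inspect the live host only when asked to: ./igb-triage.sh --check
if [ "${1:-}" = "--check" ]; then
    check_host "$(uname -r)" /sys
fi
```

A "review" result on a distribution kernel is not proof of exposure, because vendors backport fixes without changing the upstream version number; confirm against the vendor's advisory for CVE-2023-45871.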
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu