PT-2023-8753 · Linux+7 · Linux Kernel+7

Published: 2023-09-15 · Updated: 2025-09-29 · CVE-2023-52580

CVSS v2.0: 9.4 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.15.85-intel-ese-standard-lts

Description

The vulnerability is in the skb_flow_dissect function in the Linux kernel, which incorrectly calculates the nhoff value when a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent. This leads to a kernel crash. The issue is caused by hdr->message_length taking the wrong value (0xffff), which does not reflect the real header length. The nhoff value is overridden, and the PTP header is badly dissected.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix "net/core: Fix ETH_P_1588 flow dissector". Specifically, update to a version later than 5.15.85-intel-ese-standard-lts.

As a temporary workaround, consider disabling the skb_flow_dissect function until a patch is available. However, this may have unintended consequences and should be done with caution.

It is also recommended to restrict access to the vulnerable module net/core to minimize the risk of exploitation.

Note: The provided information does not specify the exact version that includes the fix, so it is recommended to update to the latest available version of the Linux kernel.

Exploit

Fix

Improper Resource Release

Weakness Enumeration

Related Identifiers

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALSA-2024_2394
ALSA-2025_16880
BDU:2024-01805
CESA-2024_2950
CESA-2024_3138
CVE-2023-52580
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
OPENSUSE-SU-2024_2947-1
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2024:2894-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2947-1

Affected Products

AlmaLinux
Astra Linux
CentOS
Linux Kernel
Red Hat
RED OS
Rocky Linux
SUSE