PT-2023-9121 · Linux+3 · Linux Kernel+3

Oliver Neukum

Published

2023-11-16

Updated

2025-02-03

CVE-2023-52655

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.7

Description The issue is related to an integer overflow in the aqc111 driver. If a device sends a packet with a length between 0 and sizeof(u64), the value passed to skb trim() as length will wrap around, resulting in a very large value. The driver will then proceed to parse the header at that position, which may cause it to process a random value or crash. The fix involves checking against sizeof(u64) rather than 0.

Recommendations To resolve the issue, update the Linux kernel to version 6.6.7 or later. As a temporary workaround, consider restricting access to the vulnerable aqc111 driver until a patch is available.

Exploit

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

BDU:2024-03940

CVE-2023-52655

OESA-2024-1647

OESA-2024-1650

OESA-2024-1693

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:1979-1

SUSE-SU-2024:1983-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2135-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2184-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

SUSE-SU-2024:2203-1

SUSE-SU-2025:0231-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2023-9121 · Linux+3 · Linux Kernel+3

CVE-2023-52655

Weakness Enumeration

Related Identifiers

Affected Products

References · 3014