CVE-2023-52906

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc8

Description The vulnerability is related to the TCA MPLS LABEL attribute in the Linux kernel, which has an invalid combination of type NLA U32 and validation type NLA VALIDATE FUNCTION. This can trigger a warning in nla get range unsigned() when validation of the attribute fails. The associated min/max fields in the policy are negative as they are aliased by the validate field. The fix involves changing the attribute type to NLA BINARY, which is consistent with the comment above struct nla policy and all other users of NLA POLICY VALIDATE FN(). As a result, the length validation is moved to the validation function.

Recommendations To resolve the issue, update the Linux kernel to a version later than 6.1.0-rc8. If updating is not possible, consider temporarily disabling the act mpls module to minimize the risk of exploitation. However, this is not a permanent solution and may have unintended consequences on the system's functionality.

Note: The provided information does not specify the exact version that contains the fix, but it is mentioned that the issue is resolved in versions later than 6.1.0-rc8.