CVE-2023-52596

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to an out of bounds access for empty sysctl registers in the Linux kernel. When registering tables to the sysctl subsystem, there is a check to see if the header is a permanently empty directory. This check evaluates the first element of the ctl table, resulting in an out of bounds evaluation when registering empty directories. The function register sysctl mount point now passes a ctl table of size 1 instead of size 0, relying solely on the type to identify a permanently empty register. It is essential to ensure that the ctl table has at least one element before testing for permanent emptiness.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.