PT-2024-14659 · Linux+5 · Linux Kernel+5

Published

2023-12-12

·

Updated

2025-02-03

·

CVE-2023-52618

CVSS v3.1

5.3

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a potential string overflow in the Linux kernel's block/rnbd-srv module. The dev search path can be as large as PATH MAX, and when copied into full path, which is also PATH MAX sized, there is a risk of truncation. This warning was reported by W=1 builds. The function rnbd srv get full path is involved, and the snprintf function is used with a potential output of up to 254 bytes into a region of size between 0 and 4095. To fix this, the code now unconditionally checks for truncation, similar to the case where "%SESSNAME%" is present.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

BDU:2025-14602
CVE-2023-52618
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2024-1566
OESA-2024-1620
OESA-2024-1621
OESA-2024-1647
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6795-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4
USN-6828-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu