PT-2024-14741 · Linux+3 · Linux Kernel+3

Christoph Paasch

Published

2023-11-14

Updated

2025-03-27

CVE-2023-52778

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.0-rc5-gcd8bdf563d46

Description The issue arises from the TCP sockets and MPTCP subflows building egress packets larger than 64K, exceeding the maximum DSS data size. This results in the length being misrepresent on the wire and the stream being corrupted. The problem is observed on the receiver and is caused by the mptcp move skbs from subflow function. The issue can be addressed by explicitly bounding the maximum GSO size to what MPTCP actually allows.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the maximum GSO size. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-99

Related Identifiers

BDU:2025-15325

CVE-2023-52778

OPENSUSE-SU-2024_4314-1

OPENSUSE-SU-2024_4316-1

SUSE-SU-2024:4314-1

SUSE-SU-2024:4316-1

SUSE-SU-2024:4318-1

SUSE-SU-2024:4387-1

SUSE-SU-2024_4314-1

SUSE-SU-2024_4316-1

SUSE-SU-2025:20163-1

SUSE-SU-2025:20164-1

SUSE-SU-2025:20246-1

SUSE-SU-2025:20247-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2024-14741 · Linux+3 · Linux Kernel+3

CVE-2023-52778

Weakness Enumeration

Related Identifiers

Affected Products

References · 1156