CVE-2023-53107

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.4-cloudflare-kasan-2023.1.2

Description A use-after-free issue has been identified in the Linux kernel, specifically in the veth module. This issue arises when the pskb expand head() function is used to expand the head of a socket buffer (skb), which can lead to the skb being freed while still in use by AF XDP. The problem was introduced by a commit that reworked the veth xdp rcv skb function. The issue can cause a crash or potentially allow an attacker to execute arbitrary code.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this problem. As a temporary workaround, consider disabling the veth xdp rcv skb function until a patch is available. Restrict access to the veth module to minimize the risk of exploitation.