CVE-2023-53240

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability exists in the Linux kernel related to the xsk (socket kernel) functionality. Specifically, the issue involves a potential NULL pointer dereference in the xsk transmit (Tx) path when an interface is not brought up (IFF UP flag not set). This can occur when using either the sendmsg() or poll() syscalls, both of which utilize a common function, xsk xmit(). The vulnerability arises because the interface up check is performed after napi id marking in the sendmsg() path, leading to a potential dereference of a NULL pointer if the interface is brought up after the napi id is marked.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.