CVE-2023-53382

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.4.0-rc1+ #42

Description A vulnerability exists in the Linux kernel's smc module where a crash can occur when attempting to use SMCRv2. This issue arises during the Connection-Level Control (CLC) handshake, specifically when switching from SMCRv2 to SMCRv1 due to resource allocation failures. The vulnerability occurs because resources assigned during the SMCRv2 attempt are not properly reset, leading to an incorrect link index being used when accessing memory regions (MR) in the smc clc send confirm accept() function, potentially resulting in a kernel NULL pointer dereference.

Recommendations Update to a version later than 6.4.0-rc1+ #42 to resolve this issue.