CVE-2023-53585

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the bpf sk assign function related to handling unhashed sockets. Specifically, the function does not properly reject unhashed UDP sockets, leading to a potential reference count leak. This occurs because the function increments the reference count of a socket, but the reference is not decremented as expected when the socket is bound or connected, and the SOCK RCU FREE flag is set. The issue arises from changes allowing access to unhashed UDP sockets from BPF without adjusting the helper function accordingly. The fix involves rejecting unhashed sockets in bpf sk assign, aligning its behavior with inet lookup skb. The vulnerable code path involves the following functions: bpf sk assign, skb steal sock, tcp v4 rcv, and inet lookup skb.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.