PT-2025-41111 · Linux+1 · Linux Kernel+1

Published: 2025-10-07 · Updated: 2025-12-04

CVE-2023-53667

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.15.106-syzkaller-00249-g19c0ed55a470

Description

The Linux kernel contains a flaw in the cdc_ncm module related to handling excessively small values of dwNtbOutMaxSize. Specifically, the cdc_ncm_check_tx_max() function does not adequately validate this value, potentially leading to insufficient memory allocation when creating SKB (socket buffer) structures. This can result in a kernel panic due to SKB bounds checking failures if the size of the SKB header structs increases, exceeding the allocated data space. The issue arises from the alignment of memory during SKB allocation and the limited space available for CDC data.

Recommendations

Update the Linux kernel to version 5.15.106-syzkaller-00249-g19c0ed55a470 or a later version that includes the fix.

Exploit

Fix

Weakness Enumeration

NULL Pointer Dereference

Related Identifiers

CVE-2023-53667
SUSE-SU-2025:4111-1
SUSE-SU-2025:4139-1
SUSE-SU-2025:4149-1
SUSE-SU-2025:4189-1
SUSE-SU-2025:4320-1

Affected Products

Linux Kernel
Suse