CVE-2023-54004

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contained a null pointer dereference issue within the UDPLITE protocol handling, specifically in the sk mem raise allocated() function. This issue was identified through automated testing (syzbot) and addressed by ensuring proper memory allocation settings for UDPLITE, aligning it with the UDP protocol. The problem occurred during socket operations involving IPPROTO UDPLITE (0x88). The root cause was a missing initialization of the .memory allocated field, leading to a potential crash when accessing memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.