CVE-2023-54012

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to Large Receive Offload (LRO) handling for virtual interfaces. When LRO is disabled for team or bonding interfaces, a recursive notification mechanism can lead to a stack overflow. This occurs because updating a virtual interface's feature triggers notifications to its lower interfaces, which then propagate back up, creating a recursive loop. The issue is not an infinite loop, but rather an unexpected recursion due to the notification mechanism. The problem is reproducible by adding multiple team interfaces under a team interface and then disabling LRO on the parent interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.