CVE-2023-54039

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Linux kernel related to an out-of-bounds memory access within the j1939 tp tx dat new() function. Specifically, a flawed memcpy() operation could occur if the size of skb->cb exceeded the size of the struct j1939 sk buff cb structure, potentially leading to a read beyond the intended memory boundaries. The fix involves updating the memcpy() operation to utilize the size of struct j1939 sk buff cb instead of skb->cb, ensuring memory access remains within bounds. A BUILD BUG ON() check was added to verify that skb->cb is sufficiently large to accommodate struct j1939 sk buff cb.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.