PT-2025-53232 · Linux · Linux Kernel
Published: 2023-08-07 · Updated: 2026-03-24
CVE-2023-54155
CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contained an unnecessary check in the bpf_xdp_adjust_tail() function related to the frame_sz size. Syzkaller reported that this check could lead to issues when handling XDP packets. The check was originally introduced to catch cases where XDP drivers had not been updated to use xdp.frame_sz, but this is no longer a concern due to the introduction of xdp_init_buff(). The issue was identified during testing with syzkaller, which revealed that contiguous physical memory allocation is used for XDP paths in tun_get_user(), specifically in tun_build_skb() and tun_alloc_skb(). It was determined that XDP can operate on higher order pages as long as contiguous physical memory is available. The vulnerable function is bpf_xdp_adjust_tail().
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Allocation of Resources Without Limits
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel