CVE-2023-54161

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5

Description The Linux kernel contains a flaw in the unix stream sendpage() function related to a null-pointer dereference. This issue arises when handling sockets in a loop, potentially leading to a use-after-free condition during garbage collection. The vulnerability occurs when attempting to add data to the last socket buffer (skb) in the peer's receive queue without proper locking. This can happen if a socket's file descriptor (FD) is passed to another socket and subsequently closed without receiving the FD, creating a loop. The garbage collection process may unlink the skb with the FD from the socket's receive queue while unix stream sendpage() is attempting to access it, resulting in a crash.

Recommendations Update to version 6.5 or later.