CVE-2023-54251

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc1-00330-g60cc1f7d0605

Description The Linux kernel contained a flaw in the net/sched/sch taprio module where the TCA TAPRIO ATTR SCHED CYCLE TIME attribute was not properly limited to INT MAX. This resulted in a zero division error in the div s64 rem() function when called from get cycle time elapsed(), as the divisor (sched->cycle time) could be zero due to type differences. Specifically, cycle time is an s64, but the argument of div s64 rem() is an s32, allowing a value of 0x100000000 to be cast to 0. This issue was discovered by syzkaller, a kernel fuzzer. The error occurred within the find entry to transmit() function during packet transmission, potentially impacting network performance and stability.

Recommendations Update to Linux kernel version 6.5.0-rc1-00330-g60cc1f7d0605 or a later version that includes the fix.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-54251

RHSA-2024:2394

RHSA-2024:8157

SUSE-SU-2026:0263-1

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Debian

Linux Kernel

Red Hat

CVE-2023-54251

Related Identifiers

Affected Products

References · 2097