CVE-2023-23454Type Confusion in Linux

CWE-843Type ConfusionCWE-125Out-of-bounds Read34 documents9 sources
Severity
5.5MEDIUMNVD
OSV8.8OSV4.7
EPSS
0.0%
top 88.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Linux KernelDebian LinuxDebian Linux+3 more
Timeline
PublishedJan 12
Latest updateFeb 13

Description

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages7 packages

Debianlinux/linux_kernel< 5.10.162-1+3
Ubuntulinux/linux_kernel< 5.4.0-144.161+1
NVDlinux/linux_kernel2.6.126.1.4
debiandebian/linux< linux 6.1.7-1 (bookworm)

Also affects: Debian Linux 11.0

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

14
OSV
linux-gcp, linux-hwe-5.19 vulnerabilities2023-05-22
OSV
linux, linux-aws, linux-azure, linux-azure-5.19, linux-kvm, linux-lowlatency, linux-raspi vulnerabilities2023-05-16
OSV
linux-intel-iotg vulnerabilities2023-04-11
OSV
linux-bluefield vulnerabilities2023-04-05
OSV
linux-gke, linux-gke-5.15, linux-ibm, linux-kvm vulnerabilities2023-03-29

📋Vendor Advisories

18
CISA ICS
Siemens SCALANCE W7002025-02-13
CISA ICS
Siemens SCALANCE XCM-/XRM-3002024-02-15
CISA ICS
Siemens SIMATIC S7-1500 TM MFP Linux Kernel2023-06-15
Ubuntu
Linux kernel vulnerabilities2023-05-22
Ubuntu
Linux kernel vulnerabilities2023-05-18

📄Research Papers

1
arXiv
Top of the Heap: Efficient Memory Error Protection of Safe Heap Objects2024-08-19