Severity: 7.8 HIGH (NVD); OSV: 7.0, 6.5, 5.7, 5.5
EPSS: 0.0% (top 98.52%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 22; latest update Oct 1

Description

The fix for XSA-423 added logic to Linux's netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately, the logic introduced there didn't account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that's specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (5 packages)

Source   Package              Affected versions
Debian   debian/linux         < linux 6.1.52-1 (bookworm)
NVD      linux/linux_kernel   4.9.336, 4.10 (+7 more ranges)
Debian   linux/linux_kernel   < 5.10.191-1 (+3 more)
Ubuntu   linux/linux_kernel   < 5.4.0-165.182 (+5 more)
NVD      xen/xen

Also affects: Debian Linux 10.0

Patches

Vulnerability Details (22)

GHSA   GHSA-79f3-76v5-g4m8: In the Linux kernel, the following vulnerability has been resolved: xen/netback: Fix buffer overrun triggered by unusual packet It is possible that   (2025-10-01)
OSV    Kernel Live Patch Security Notice   (2023-11-28)
OSV    linux-nvidia-6.2 vulnerabilities   (2023-10-31)
OSV    linux-iot, linux-raspi, linux-raspi-5.4 vulnerabilities   (2023-10-30)
OSV    linux-oracle-5.15 vulnerabilities   (2023-10-26)

Vendor Advisories (19)

CISA ICS   Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1   (2023-12-14)
Ubuntu     Kernel Live Patch Security Notice   (2023-11-28)
Ubuntu     Linux kernel (NVIDIA) vulnerabilities   (2023-10-31)
Ubuntu     Linux kernel vulnerabilities   (2023-10-30)
Ubuntu     Linux kernel (Oracle) vulnerabilities   (2023-10-26)