CVE-2023-54012: Uncontrolled Recursion in Linux

Severity: 5.5 MEDIUM (no vector)
EPSS: 0.0% (top 86.35%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

net: fix stack overflow when LRO is disabled for virtual interfaces

When the virtual interface's feature is updated, it synchronizes the updated feature for its own lower interface. This propagation logic should be worked as the iteration, not recursively. But it works recursively due to the netdev notification unexpectedly. This problem occurs when it disables LRO only for the team and bonding interface type.

team0 | +------

Affected Packages (4 packages)

Linux: linux/linux_kernel 4.4.0 5.4.244 (+4)
Debian: linux/linux_kernel < 5.10.191-1 (+3)
CVEListV5: linux/linux fd867d51f889aec11cca235ebb008578780d052d 9ea0c5f90a27b5b884d880e146e0f65f3052e401 (+6)
debian: debian/linux < linux 6.1.37-1 (bookworm)

🔴 Vulnerability Details (3)

OSV: net: fix stack overflow when LRO is disabled for virtual interfaces (2025-12-24)
GHSA: GHSA-2vmp-q8v6-7qc9: In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the vir (2025-12-24)
OSV: CVE-2023-54012: In the Linux kernel, the following vulnerability has been resolved: net: fix stack overflow when LRO is disabled for virtual interfaces When the virtu (2025-12-24)

📋 Vendor Advisories (2)

Red Hat: kernel: net: fix stack overflow when LRO is disabled for virtual interfaces (2025-12-24)
Debian: CVE-2023-54012: linux - In the Linux kernel, the following vulnerability has been resolved: net: fix st... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54012 Impact, Exploitability, and Mitigation Steps | Wiz