CVE-2023-54181Protection Mechanism Failure in Linux

CWE-693Protection Mechanism Failure7 documents6 sources
Severity
5.3MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of our networking-bpf program from cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program failed to start. Because it failed the bpf verifier, and the error log is "R3 pointer comparison prohibited". A simple reproducer as follows, SEC("cls-ingress") int ingress(struct __sk_buff *skb) { struct iphdr *iph = (void *)(long)skb->data + si

Affected Packages4 packages

Linuxlinux/linux_kernel5.8.06.1.53+2
Debianlinux/linux_kernel< 6.1.55-1+2
CVEListV5linux/linux2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366c96c67991aac6401b4c6996093bccb704bb2ea4b+4
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54181: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities of2025-12-30
GHSA
GHSA-6985-fmpm-h392: In the Linux kernel, the following vulnerability has been resolved: bpf: Fix issue in verifying allow_ptr_leaks After we converted the capabilities2025-12-30
OSV
bpf: Fix issue in verifying allow_ptr_leaks2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: bpf: Fix issue in verifying allow_ptr_leaks2025-12-30
Debian
CVE-2023-54181: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix is...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54181 Impact, Exploitability, and Mitigation Steps | Wiz