CVE-2023-52878 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message and return with an error.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:4352	2024-07-08T00:00:00Z
kernel-0:4.18.0-553.8.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:4211	2024-07-02T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4
https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc
https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057
https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444
https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f
https://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52878-d433@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52878
https://www.cve.org/CVERecord?id=CVE-2023-52878

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T15:32:10.616Z

Updated: 2024-08-02T23:18:41.163Z

Reserved: 2024-05-21T15:19:24.264Z

Link: CVE-2023-52878

Vulnrichment

Updated: 2024-08-02T23:18:41.163Z

NVD

Status : Awaiting Analysis

Published: 2024-05-21T16:15:24.450

Modified: 2024-05-21T16:53:56.550

Link: CVE-2023-52878

Redhat

Severity : Low

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2023-52878 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52878", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.264Z", "datePublished": "2024-05-21T15:32:10.616Z", "dateUpdated": "2024-08-02T23:18:41.163Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:18:55.984Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/can/dev/skb.c"], "versions": [{"version": "a6e4bc530403", "lessThan": "826120c9ba68", "status": "affected", "versionType": "git"}, {"version": "a6e4bc530403", "lessThan": "0d30931f1fa0", "status": "affected", "versionType": "git"}, {"version": "a6e4bc530403", "lessThan": "53c468008a7c", "status": "affected", "versionType": "git"}, {"version": "a6e4bc530403", "lessThan": "8ab67da06015", "status": "affected", "versionType": "git"}, {"version": "a6e4bc530403", "lessThan": "6411959c10fe", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/can/dev/skb.c"], "versions": [{"version": "2.6.33", "status": "affected"}, {"version": "0", "lessThan": "2.6.33", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.139", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.1.63", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.5.12", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.6.2", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "custom"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444"}, {"url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4"}, {"url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc"}, {"url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f"}, {"url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057"}], "title": "can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52878", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-21T17:05:12.659416Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:23:41.925Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:41.163Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:18:41.163Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52878", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-21T17:05:12.659416Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:25.236Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "a6e4bc530403", "lessThan": "826120c9ba68", "versionType": "git"}, {"status": "affected", "version": "a6e4bc530403", "lessThan": "0d30931f1fa0", "versionType": "git"}, {"status": "affected", "version": "a6e4bc530403", "lessThan": "53c468008a7c", "versionType": "git"}, {"status": "affected", "version": "a6e4bc530403", "lessThan": "8ab67da06015", "versionType": "git"}, {"status": "affected", "version": "a6e4bc530403", "lessThan": "6411959c10fe", "versionType": "git"}], "programFiles": ["drivers/net/can/dev/skb.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.33"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.33", "versionType": "custom"}, {"status": "unaffected", "version": "5.15.139", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.63", "versionType": "custom", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.5.12", "versionType": "custom", "lessThanOrEqual": "6.5.*"}, {"status": "unaffected", "version": "6.6.2", "versionType": "custom", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/net/can/dev/skb.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444"}, {"url": "https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4"}, {"url": "https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc"}, {"url": "https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f"}, {"url": "https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:18:55.984Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52878", "state": "PUBLISHED", "dateUpdated": "2024-08-02T23:18:41.163Z", "dateReserved": "2024-05-21T15:19:24.264Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T15:32:10.616Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"affected_release": [{"advisory": "RHSA-2024:4352", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-08T00:00:00Z"}, {"advisory": "RHSA-2024:4211", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.8.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-02T00:00:00Z"}], "bugzilla": {"description": "kernel: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds", "id": "2282680", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282680"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-125", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncan: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error."], "name": "CVE-2023-52878", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52878\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52878\nhttps://lore.kernel.org/linux-cve-announce/2024052122-CVE-2023-52878-d433@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 5.15.139, kernel 6.1.63, kernel 6.5.12, kernel 6.6.2, kernel 6.7"}