mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-30 18:04:30 +00:00
102 lines
5.5 KiB
JSON
102 lines
5.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2023-52700",
|
|
"ASSIGNER": "cve@kernel.org",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix kernel warning when sending SYN message\n\nWhen sending a SYN message, this kernel stack trace is observed:\n\n...\n[ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550\n...\n[ 13.398494] Call Trace:\n[ 13.398630] <TASK>\n[ 13.398630] ? __alloc_skb+0xed/0x1a0\n[ 13.398630] tipc_msg_build+0x12c/0x670 [tipc]\n[ 13.398630] ? shmem_add_to_page_cache.isra.71+0x151/0x290\n[ 13.398630] __tipc_sendmsg+0x2d1/0x710 [tipc]\n[ 13.398630] ? tipc_connect+0x1d9/0x230 [tipc]\n[ 13.398630] ? __local_bh_enable_ip+0x37/0x80\n[ 13.398630] tipc_connect+0x1d9/0x230 [tipc]\n[ 13.398630] ? __sys_connect+0x9f/0xd0\n[ 13.398630] __sys_connect+0x9f/0xd0\n[ 13.398630] ? preempt_count_add+0x4d/0xa0\n[ 13.398630] ? fpregs_assert_state_consistent+0x22/0x50\n[ 13.398630] __x64_sys_connect+0x16/0x20\n[ 13.398630] do_syscall_64+0x42/0x90\n[ 13.398630] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nIt is because commit a41dad905e5a (\"iov_iter: saner checks for attempt\nto copy to/from iterator\") has introduced sanity check for copying\nfrom/to iov iterator. Lacking of copy direction from the iterator\nviewpoint would lead to kernel stack trace like above.\n\nThis commit fixes this issue by initializing the iov iterator with\nthe correct copy direction when sending SYN or ACK without data."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Linux",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Linux",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "<",
|
|
"version_name": "f25dcc7687d4",
|
|
"version_value": "54b6082aec17"
|
|
},
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"version": "4.0",
|
|
"status": "affected"
|
|
},
|
|
{
|
|
"version": "0",
|
|
"lessThan": "4.0",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.1.13",
|
|
"lessThanOrEqual": "6.1.*",
|
|
"status": "unaffected",
|
|
"versionType": "semver"
|
|
},
|
|
{
|
|
"version": "6.2",
|
|
"lessThanOrEqual": "*",
|
|
"status": "unaffected",
|
|
"versionType": "original_commit_for_fix"
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/54b6082aec178f16ad6d193b4ecdc9c4823d9a32"
|
|
},
|
|
{
|
|
"url": "https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc",
|
|
"refsource": "MISC",
|
|
"name": "https://git.kernel.org/stable/c/11a4d6f67cf55883dc78e31c247d1903ed7feccc"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "bippy-9e1c9544281a"
|
|
}
|
|
} |