A remote DoS vulnerability was found in the the Linux TIPC kernel module. Sending 2 small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100% and the system is unresponsive to input. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKB's which are not in the queue, resulting in DoS. Upstream fix: https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2023-1390
This issue was fixed upstream in version 5.11. The kernel packages as shipped in Red Hat Enterprise Linux 8 were previously updated to a version that contains the fix via the following errata: kernel in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2021:1578 kernel-rt in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2021:1739
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:3190 https://access.redhat.com/errata/RHSA-2023:3190
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2023:3191 https://access.redhat.com/errata/RHSA-2023:3191
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Advanced Update Support Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4125 https://access.redhat.com/errata/RHSA-2023:4125
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Telecommunications Update Service Via RHSA-2023:4126 https://access.redhat.com/errata/RHSA-2023:4126
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Via RHSA-2023:4146 https://access.redhat.com/errata/RHSA-2023:4146