Bug 2177382 (CVE-2023-28327) - CVE-2023-28327 kernel: denial of service problem in net/unix/diag.c
Summary: CVE-2023-28327 kernel: denial of service problem in net/unix/diag.c
Keywords:
Status: NEW
Alias: CVE-2023-28327
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2177384 2177385 2177386 2177387 2177388 2214852 2215016 2215057 2215109
Blocks: 2158739
TreeView+ depends on / blocked
 
Reported: 2023-03-11 10:09 UTC by Rohit Keshri
Modified: 2023-10-10 15:33 UTC (History)
39 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:5603 0 None None None 2023-10-10 15:25:02 UTC
Red Hat Product Errata RHSA-2023:5604 0 None None None 2023-10-10 15:33:08 UTC

Description Rohit Keshri 2023-03-11 10:09:40 UTC 
A null pointer dereference issue was found in the unix protocol in net/unix/diag.c in Linux before 6.0. In unix_diag_get_exact, the newly allocated skb does not have sk, leading to null pointer. A local user could use this flaw to crash the system or potentially cause a denial of service.

Reference:
https://lore.kernel.org/netdev/CAO4mrfdvyjFpokhNsiwZiP-wpdSD0AStcJwfKcKQdAALQ9_2Qw@mail.gmail.com/
https://lore.kernel.org/netdev/e04315e7c90d9a75613f3993c2baf2d344eef7eb.camel@redhat.com/
https://lore.kernel.org/netdev/20221127012412.37969-3-kuniyu@amazon.com/T/
Comment 2 Rohit Keshri 2023-03-11 10:19:47 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 2177384]
Comment 6 Justin M. Forbes 2023-04-06 16:12:09 UTC 
This was resolved for Fedora with the 6.0.13 stable kernel updates.
Comment 13 errata-xmlrpc 2023-10-10 15:24:59 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5603 https://access.redhat.com/errata/RHSA-2023:5603
Comment 14 errata-xmlrpc 2023-10-10 15:33:05 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2023:5604 https://access.redhat.com/errata/RHSA-2023:5604
Note You need to log in before you can comment on or make changes to this bug.