CVE-2023-52846
hsr: Prevent use after free in prp_create_tagged_frame()
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
21 mai 2024Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In the Linux kernel, the following vulnerability has been resolved:
hsr: Prevent use after free in prp_create_tagged_frame()
The prp_fill_rct() function can fail. In that situation, it frees the
skb and returns NULL. Meanwhile on the success path, it returns the
original skb. So it's straight forward to fix bug by using the returned
value.
Produtos afetados
Linux · LinuxReferências
https://git.kernel.org/stable/c/1787b9f0729d318d67cf7c5a95f0c3dba9a7cc18https://git.kernel.org/stable/c/6086258bd5ea7b5c706ff62da42b8e271b2401dbhttps://git.kernel.org/stable/c/876f8ab52363f649bcc74072157dfd7adfbabc0dhttps://git.kernel.org/stable/c/a1a485e45d24b1cd8fe834fd6f1b06e2903827dahttps://git.kernel.org/stable/c/d103fb6726904e353b4773188ee3d3acb4078363https://git.kernel.org/stable/c/ddf4e04e946aaa6c458b8b6829617cc44af2bffd