1. Home
  2. Vulnerabilities
  3. CVE-2023-1078

CVE-2023-1078

CVSS v3.1 7.8 (High)
78% Progress
EPSS 0.04 % (5th)
0.04% Progress
Affected Products 1
Advisories 37
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to struct rds_msg_zcopy_info *info actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.

Weaknesses
CWE-787
Out-of-bounds Write
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2023-03-27 21:15:10
(17 months ago)
Updated Date
2023-11-05 19:15:08
(10 months ago)

Affected Products

Linux

Configuration #1

    CPE23 From Up To
  Linux Kernel from 4.17 version and prior 4.19.273 version cpe:2.3:o:linux:linux_kernel >= 4.17 < 4.19.273
  Linux Kernel from 4.20 version and prior 5.4.232 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.232
  Linux Kernel from 5.5 version and prior 5.10.168 version cpe:2.3:o:linux:linux_kernel >= 5.5 < 5.10.168
  Linux Kernel from 5.11 version and prior 5.15.94 version cpe:2.3:o:linux:linux_kernel >= 5.11 < 5.15.94
  Linux Kernel from 5.16 version and prior 6.1.12 version cpe:2.3:o:linux:linux_kernel >= 5.16 < 6.1.12