CVE-2023-52878
MEDIUMLinux Kernel 2.6.33-5.15.139 - Out-of-bounds Read in CAN Echo SKB Handling
Title source: llmDescription
In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message and return with an error.
References (5)
Core 5
Core References
Mailing List, Patch
https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444
Mailing List, Patch
https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4
Mailing List, Patch
https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc
Mailing List, Patch
https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f
Mailing List, Patch
https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057
Scores
CVSS v3
5.5
EPSS
0.0022
EPSS Percentile
12.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-125
Status
published
Products (13)
Linux/Linux
< 2.6.33
Linux/Linux
2.6.33
Linux/Linux
5.15.139 - 5.15.*
Linux/Linux
6.1.63 - 6.1.*
Linux/Linux
6.5.12 - 6.5.*
Linux/Linux
6.6.2 - 6.6.*
Linux/Linux
6.7
Linux/Linux
a6e4bc5304033e434fabccabb230b8e9ff55d76f - 0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4
Linux/Linux
a6e4bc5304033e434fabccabb230b8e9ff55d76f - 53c468008a7c9ca3f5fc985951f35ec2acae85bc
Linux/Linux
a6e4bc5304033e434fabccabb230b8e9ff55d76f - 6411959c10fe917288cbb1038886999148560057
... and 3 more
Published
May 21, 2024
Tracked Since
Feb 18, 2026