Vulnerability CVE-2023-4622: Information

Description

A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free. We recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.

Severity: HIGH (7.0) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-4622
Published: Sept. 6, 2023
Modified: Jan. 11, 2024
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
kernel-image-mpsisyphus6.4.16-alt16.8.12-alt1ALT-PU-2023-5590-1329451Fixed
kernel-image-mpp116.4.16-alt16.8.8-alt1ALT-PU-2023-5590-1329451Fixed
kernel-image-pinesisyphus6.4.16-alt16.6.32-alt1ALT-PU-2023-5818-1330066Fixed
kernel-image-pinep116.4.16-alt16.6.31-alt1ALT-PU-2023-5818-1330066Fixed
kernel-image-rpi-unsisyphus6.1.77-alt16.6.23-alt1ALT-PU-2024-4263-5343076Fixed
kernel-image-rpi-unp106.1.77-alt16.1.77-alt1ALT-PU-2024-4843-2344147Fixed
kernel-image-rpi-unp116.1.77-alt16.6.23-alt1ALT-PU-2024-4263-5343076Fixed
kernel-image-un-defsisyphus6.4.16-alt16.6.32-alt1ALT-PU-2023-5606-1329464Fixed
kernel-image-un-defsisyphus_riscv646.4.16-alt1.0.port6.6.31-alt1.0.portALT-PU-2023-5831-1-Fixed
kernel-image-un-defp116.4.16-alt16.6.31-alt1ALT-PU-2023-5606-1329464Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c
  • Issue Tracking
  • Mailing List
  • Patch
  • Vendor Advisory
https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c
  • Patch
  • Vendor Advisory
https://www.debian.org/security/2023/dsa-5492
  • Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
  • Mailing List
  • Third Party Advisory
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
    https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

        1. Configuration 1

          cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
          Start including
          4.2
          End excliding
          6.1.47

          Configuration 2

          cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
          cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
      VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
      Version: v24.5.3
      Back to top