CVE-2023-1078

CVSS V2 None CVSS V3 None
Description
A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the head of a list causing a type confusion. Local user can trigger this with rds_message_put(). Type confusion leads to `struct rds_msg_zcopy_info *info` actually points to something else that is potentially controlled by local user. It is known how to trigger this, which causes an out of bounds access, and a lock corruption.
Overview
  • CVE ID
  • CVE-2023-1078
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-03-27T21:15:10
  • Last Modified Date
  • 2023-04-03T18:49:17
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* 1 OR
History
Created Old Value New Value Data Type Notes
2023-04-17 03:34:08 Added to TrackCVE
2023-04-17 03:34:10 Weakness Enumeration new