{ "threat_severity" : "Low", "public_date" : "2024-05-21T00:00:00Z", "bugzilla" : { "description" : "kernel: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself", "id" : "2282618", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2282618" }, "cvss3" : { "cvss3_base_score" : "4.4", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-121", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nbpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself\nsock_map proto callbacks should never call themselves by design. Protect\nagainst bugs like [1] and break out of the recursive loop to avoid a stack\noverflow in favor of a resource leak.\n[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/" ], "statement" : "Redhat has rated this vulnerability as Low severity as by default in RHEL system the BPF sockmap feature is disabled by default which is needed for this vulnerability to be exploitable, on top of that local access and higher privileges are required to exploit this vulnerability and a successful exploitation will only result in a denial of service vulnerability.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-08-21T00:00:00Z", "advisory" : "RHSA-2024:5672", "cpe" : "cpe:/a:redhat:rhel_eus:9.2", "package" : "kernel-0:5.14.0-284.80.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-08-21T00:00:00Z", "advisory" : "RHSA-2024:5673", "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv", "package" : "kernel-rt-0:5.14.0-284.80.1.rt14.365.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Fix deferred", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-52735\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52735\nhttps://lore.kernel.org/linux-cve-announce/2024052100-CVE-2023-52735-4df1@gregkh/T" ], "name" : "CVE-2023-52735", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }