CVE-2023-42755 Kernel: rsvp: out-of-bounds read in rsvp_classify()

🗓️ 05 Oct 2023 18:25:23Reported by redhatType

Flaw in Linux kernel RSVP classifier allows local user to crash syste

Reporter	Title	Published	Views	Family All 286
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Storage Copy Data Management	27 Sep 202418:11	–	ibm
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-356)	3 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2-2023-2264 (ALAS-2023-2264)	5 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2023-041 (ALASKERNEL-5.10-2023-041)	18 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2023-027 (ALASKERNEL-5.15-2023-027)	6 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2023-053 (ALASKERNEL-5.4-2023-053)	6 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2023-1838)	6 Oct 202300:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0136: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2023:0136)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0149: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2024:0149)	14 May 202500:00	–	nessus
Tenable Nessus	Debian dla-3623 : linux-config-5.10 - security update	20 Oct 202300:00	–	nessus

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:4.18.0-553.rt7.342.el8_10",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:8::nfv",
      "cpe:/a:redhat:enterprise_linux:8::realtime"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:4.18.0-553.el8_10",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::baseos",
      "cpe:/a:redhat:enterprise_linux:8::crb"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2023-42755
access	www.access.redhat.com/errata/RHSA-2024:2950
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2024:3138
seclists	www.seclists.org/oss-sec/2023/q3/229

08 Nov 2025 07:10Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.16.5

EPSS0.004

CWE-125