CVE-2023-52928

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip invalid kfunc call in backtrackinsn The verifier skips invalid kfunc call in checkkfunccall, which would be captured in fixupkfunccall if such insn is not eliminated by dead code elimination. However, this can lead to t...

CVE-2023-52928

CVE-2023-52928 concerns the Linux kernel’s BPF verifier. According to connected sources, the issue arises from the verifier’s handling of invalid kfunc calls in backtrack_insn, where such an instruction could be captured by fixup_kfunc_call() and, if not eliminated by DCE, trigger a warning in ba...

GSD-2023-1001845 bpf: Skip invalid kfunc call in backtrack_insn

bpf: Skip invalid kfunc call in backtrackinsn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...

PT-2023-35099 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue concerns an invalid kfunc call in backtrack insn within the bpf component. The actual impact and potential for attack have not been fully determined. Recommendations: For Linux...