Bug 2178212 (CVE-2023-1390) - CVE-2023-1390 kernel: remote DoS in TIPC kernel module
Summary: CVE-2023-1390 kernel: remote DoS in TIPC kernel module
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2023-1390
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact: Li Shuang
URL:
Whiteboard:
Depends On: 1858099 1918657 2178943 2178944 2178984 2178985 2178986 2178987 2178988 2178989
Blocks: 2150341
TreeView+ depends on / blocked
 
Reported: 2023-03-14 14:49 UTC by Mauro Matteo Cascella
Modified: 2023-07-18 08:21 UTC (History)
47 users (show)

Fixed In Version: kernel 5.11-rc4
Clone Of:
Environment:
Last Closed: 2023-03-14 18:27:56 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:3190 0 None None None 2023-05-17 15:23:50 UTC
Red Hat Product Errata RHSA-2023:3191 0 None None None 2023-05-17 15:23:58 UTC
Red Hat Product Errata RHSA-2023:4125 0 None None None 2023-07-18 07:44:50 UTC
Red Hat Product Errata RHSA-2023:4126 0 None None None 2023-07-18 07:44:57 UTC
Red Hat Product Errata RHSA-2023:4146 0 None None None 2023-07-18 08:21:29 UTC

Description Mauro Matteo Cascella 2023-03-14 14:49:53 UTC 
A remote DoS vulnerability was found in the the Linux TIPC kernel module. Sending 2 small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100% and the system is unresponsive to input. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKB's which are not in the queue, resulting in DoS.

Upstream fix:
https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6
Comment 2 Product Security DevOps Team 2023-03-14 18:27:53 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2023-1390
Comment 6 Mauro Matteo Cascella 2023-03-16 09:11:19 UTC 
This issue was fixed upstream in version 5.11. The kernel packages as shipped in Red Hat Enterprise Linux 8 were previously updated to a version that contains the fix via the following errata:

kernel in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2021:1578

kernel-rt in Red Hat Enterprise Linux 8
https://access.redhat.com/errata/RHSA-2021:1739
Comment 19 errata-xmlrpc 2023-05-17 15:23:47 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:3190 https://access.redhat.com/errata/RHSA-2023:3190
Comment 20 errata-xmlrpc 2023-05-17 15:23:55 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Via RHSA-2023:3191 https://access.redhat.com/errata/RHSA-2023:3191
Comment 21 errata-xmlrpc 2023-07-18 07:44:48 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support
  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:4125 https://access.redhat.com/errata/RHSA-2023:4125
Comment 22 errata-xmlrpc 2023-07-18 07:44:54 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Telecommunications Update Service

Via RHSA-2023:4126 https://access.redhat.com/errata/RHSA-2023:4126
Comment 23 errata-xmlrpc 2023-07-18 08:21:25 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions

Via RHSA-2023:4146 https://access.redhat.com/errata/RHSA-2023:4146
Note You need to log in before you can comment on or make changes to this bug.