| Summary: |
VUL-0: REJECTED: CVE-2023-52734: kernel: net: sched: sch: Bounds check priority |
| Product: |
[Novell Products] SUSE Security Incidents
|
Reporter: |
SMASH SMASH <smash_bz> |
| Component: |
Incidents | Assignee: |
Security Team bot <security-team> |
| Status: |
RESOLVED
INVALID
|
QA Contact: |
Security Team bot <security-team> |
| Severity: |
Normal
|
|
|
| Priority: |
P3 - Medium
|
CC: |
andrea.mattiazzo, gabriele.sonnu, jlee, mhocko
|
| Version: |
unspecified | |
|
| Target Milestone: |
--- | |
|
| Hardware: |
Other | |
|
| OS: |
Other | |
|
| URL: |
https://smash.suse.de/issue/407187/
|
| Whiteboard: |
|
|
Found By:
|
Security Response Team
|
Services Priority:
|
|
|---|
|
Business Priority:
|
|
Blocker:
|
---
|
|---|
|
Marketing QA Status:
|
---
|
IT Deployment:
|
---
|
|---|
In the Linux kernel, the following vulnerability has been resolved: net: sched: sch: Bounds check priority Nothing was explicitly bounds checking the priority index used to access clpriop[]. WARN and bail out early if it's pathological. Seen with GCC 13: ../net/sched/sch_htb.c: In function 'htb_activate_prios': ../net/sched/sch_htb.c:437:44: warning: array subscript [0, 31] is outside array bounds of 'struct htb_prio[8]' [-Warray-bounds=] 437 | if (p->inner.clprio[prio].feed.rb_node) | ~~~~~~~~~~~~~~~^~~~~~ ../net/sched/sch_htb.c:131:41: note: while referencing 'clprio' 131 | struct htb_prio clprio[TC_HTB_NUMPRIO]; | ^~~~~~ References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-52734 https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2023/CVE-2023-52734.mbox https://git.kernel.org/stable/c/fbe71c5dacaa5a9960323215f118958174c81aa0 https://git.kernel.org/stable/c/90fcf55d83b20da1091f926a291af05fb74f61c6 https://git.kernel.org/stable/c/99875ea9b5b47995bfb3c684d21eb17feb4b7e6a https://git.kernel.org/stable/c/f6415c9c9a0b3881543d38528a58b54af4351522 https://git.kernel.org/stable/c/de5ca4c3852f896cacac2bf259597aab5e17d9e3 https://www.cve.org/CVERecord?id=CVE-2023-52734