| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025102214-CVE-2023-53716-4265@gregkh>
Date: Wed, 22 Oct 2025 15:24:55 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2023-53716: net: fix skb leak in __skb_tstamp_tx()
From: Greg Kroah-Hartman <gregkh@...nel.org>
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
net: fix skb leak in __skb_tstamp_tx()
Commit 50749f2dd685 ("tcp/udp: Fix memleaks of sk and zerocopy skbs with
TX timestamp.") added a call to skb_orphan_frags_rx() to fix leaks with
zerocopy skbs. But it ended up adding a leak of its own. When
skb_orphan_frags_rx() fails, the function just returns, leaking the skb
it just cloned. Free it before returning.
This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.
The Linux kernel CVE team has assigned CVE-2023-53716 to this issue.
Affected and fixed versions
===========================
Issue introduced in 4.14.315 with commit 281072fb2a7294cde7acbf5375b879f40a8001b7 and fixed in 4.14.316 with commit 82501f1ead557cbee1c2467654ec109a80334d22
Issue introduced in 4.19.283 with commit 1f69c086b20e27763af28145981435423f088268 and fixed in 4.19.284 with commit 779332447108545ef04682ea29af5f85c0202aee
Issue introduced in 5.4.243 with commit 602fa8af44fd55a58f9e94eb673e8adad2c6cc46 and fixed in 5.4.244 with commit 58766252f6b2c0487cda6976a53d2bb03ae28e2a
Issue introduced in 5.10.180 with commit 230a5ed7d813fb516de81d23f09d7506753e41e9 and fixed in 5.10.181 with commit a594382ec6d0cc8cff5a8bc7e61b54e3858fb243
Issue introduced in 5.15.111 with commit 43e4197dd5f6b474a8b16f8b6a42cd45cf4f9d1a and fixed in 5.15.114 with commit e06841a2abf9c82735cee39e88b1d79464088840
Issue introduced in 6.1.28 with commit cb52e7f24c1d01a536a847dff0d1d95889cc3b5c and fixed in 6.1.31 with commit cc18b4685910d5d9de8314bae9c55790701b1811
Issue introduced in 6.3.2 with commit 426384dd4980040651536fef5feac4dcc4d7ee4e and fixed in 6.3.5 with commit f4d928c00254cfc9dd0ee7076f4a59bceec675f4
Issue introduced in 6.2.15 with commit 30290f210ba7426ff7592fe2eb4114b1b5bad219
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2023-53716
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
net/core/skbuff.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/82501f1ead557cbee1c2467654ec109a80334d22
https://git.kernel.org/stable/c/779332447108545ef04682ea29af5f85c0202aee
https://git.kernel.org/stable/c/58766252f6b2c0487cda6976a53d2bb03ae28e2a
https://git.kernel.org/stable/c/a594382ec6d0cc8cff5a8bc7e61b54e3858fb243
https://git.kernel.org/stable/c/e06841a2abf9c82735cee39e88b1d79464088840
https://git.kernel.org/stable/c/cc18b4685910d5d9de8314bae9c55790701b1811
https://git.kernel.org/stable/c/f4d928c00254cfc9dd0ee7076f4a59bceec675f4
https://git.kernel.org/stable/c/8a02fb71d7192ff1a9a47c9d937624966c6e09af
Powered by blists - more mailing lists