Vulnerabilities > CVE-2023-52596 - Out-of-bounds Write vulnerability in Linux Kernel
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix out of bounds access for empty sysctl registers When registering tables to the sysctl subsystem there is a check to see if header is a permanently empty directory (used for mounts). This check evaluates the first element of the ctl_table. This results in an out of bounds evaluation when registering empty directories. The function register_sysctl_mount_point now passes a ctl_table of size 1 instead of size 0. It now relies solely on the type to identify a permanently empty register. Make sure that the ctl_table has at least one element before testing for permanent emptiness.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://git.kernel.org/stable/c/15893975e9e382f8294ea8d926f08dc2d8d39ede
- https://git.kernel.org/stable/c/15893975e9e382f8294ea8d926f08dc2d8d39ede
- https://git.kernel.org/stable/c/2ae7081bc10123b187e36a4f3a8e53768de31489
- https://git.kernel.org/stable/c/2ae7081bc10123b187e36a4f3a8e53768de31489
- https://git.kernel.org/stable/c/315552310c7de92baea4e570967066569937a843
- https://git.kernel.org/stable/c/315552310c7de92baea4e570967066569937a843