Description

In the Linux kernel, the following vulnerability has been resolved: xen/netback: Fix buffer overrun triggered by unusual packet It is possible that a guest can send a packet that contains a head + 18 slots and yet has a len <= XEN_NETBACK_TX_COPY_LEN. This causes nr_slots to underflow in xenvif_get_requests() which then causes the subsequent loop's termination condition to be wrong, causing a buffer overrun of queue->tx_map_ops. Rework the code to account for the extra frag_overflow slots. This is CVE-2023-34319 / XSA-432.

INFO

Published Date :

2025-10-01T11:45:53.127Z

Last Modified :

2025-10-01T13:08:20.461Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53502 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53502.

URL Resource
https://git.kernel.org/stable/c/11e6919ae028b5de1fc48007354ea07069561b31
https://git.kernel.org/stable/c/534fc31d09b706a16d83533e16b5dc855caf7576
https://git.kernel.org/stable/c/b14a3924c2675c22e07a5a190223b6b6cdc2867d
https://git.kernel.org/stable/c/bc7b9a6c2ca42b116b0f24dbaa52b5a07d96d1d6
https://git.kernel.org/stable/c/cf482893f721f76ac60c0a43482a59b2f194156b
https://git.kernel.org/stable/c/e1142d87c185c7d7bbf05d175754638b5b9dbf16
https://git.kernel.org/stable/c/f9167a2d6b943f30743de6ff8163d1981c34f9a9
https://git.kernel.org/stable/c/fa5b932b77c815d0e416612859d5899424bb4212
Login to claim this CVE

CVSS Vulnerability Scoring System