In the Linux kernel, the following vulnerability has been resolved:
bpf, sockmap: Don't let sockmap{close,destroy,unhash} call itself
sock_map proto callbacks should never call themselves by design. Protect against bugs like [1] and break out of the recursive loop to avoid a stack overflow in favor of a resource leak.
[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/
{ "vanir_signatures": [ { "signature_version": "v1", "target": { "function": "sock_map_destroy", "file": "net/core/sock_map.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f312367f5246e04df564d341044286e9e37a97ba", "deprecated": false, "digest": { "length": 400.0, "function_hash": "32885160527949173434740082311053410801" }, "id": "CVE-2023-52735-031caaeb" }, { "signature_version": "v1", "target": { "function": "sock_map_close", "file": "net/core/sock_map.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7499859881488da97589f3c79cc66fa75748ad49", "deprecated": false, "digest": { "length": 485.0, "function_hash": "12303799566935612535047619387458055388" }, "id": "CVE-2023-52735-0a7068c8" }, { "signature_version": "v1", "target": { "function": "sock_map_destroy", "file": "net/core/sock_map.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7499859881488da97589f3c79cc66fa75748ad49", "deprecated": false, "digest": { "length": 400.0, "function_hash": "32885160527949173434740082311053410801" }, "id": "CVE-2023-52735-1df0222f" }, { "signature_version": "v1", "target": { "file": "net/core/sock_map.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7499859881488da97589f3c79cc66fa75748ad49", "deprecated": false, "digest": { "line_hashes": [ "119502571003129985983506984433015486465", "126535639279216487718448763350897325199", "187536988381639705094246507710469661608", "196517501279197128474219856123673033927", "167477267134186041988551233723116371818", "200137660525215167166307637607747294882", "161387256888631995344990123140424280090", "172195722131896929016219863647855734554", "85209029676351318747731804714519384534", "128476363946802797875715738922436780178", "188786580526042729090536825184102457802", "38750059063407106578287548250746794080", "280433627835158739246832508376367948168", "115195243983690700387679235797427848487", "28497837466466828555530547775074672949", "232851238681829191860770484752770535730", "14332735058671053862369157966369058376", "639264481716057732698937668712813043", "199449688797896323448982596893463449527", "223728705215577450627272125926198047975", "74838140874635469863925305459607784177", "233102728622324194891846364209967334893", "209123526563601927123312817515384233744", "293116565803711316209395983952786287272", "131598073221599931660238376172897795382", "206013581669320694799215687693155982070", "83907235697384819349674320071975754090", "244609994862317963412091264745543317928", "230081692248432352416534896923719861198", "32866157912230801726280077951821661892", "299738000164665679891441951661166419273", "83605534391905036122519259272944807752", "306375398714258577389934488532208686520", "300866347630261510580653324219535872771", "277997281149683037503427035286380026700", "48352254793231253499539373839989777018" ], "threshold": 0.9 }, "id": "CVE-2023-52735-479f83ab" }, { "signature_version": "v1", "target": { "function": "sock_map_unhash", "file": "net/core/sock_map.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7499859881488da97589f3c79cc66fa75748ad49", "deprecated": false, "digest": { "length": 352.0, "function_hash": "227861042937863967663281858505514499192" }, "id": "CVE-2023-52735-7738c215" }, { "signature_version": "v1", "target": { "function": "sock_map_close", "file": "net/core/sock_map.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f312367f5246e04df564d341044286e9e37a97ba", "deprecated": false, "digest": { "length": 485.0, "function_hash": "12303799566935612535047619387458055388" }, "id": "CVE-2023-52735-dba7c0af" }, { "signature_version": "v1", "target": { "file": "net/core/sock_map.c" }, "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f312367f5246e04df564d341044286e9e37a97ba", "deprecated": false, "digest": { "line_hashes": [ "119502571003129985983506984433015486465", "126535639279216487718448763350897325199", "187536988381639705094246507710469661608", "196517501279197128474219856123673033927", "167477267134186041988551233723116371818", "200137660525215167166307637607747294882", "161387256888631995344990123140424280090", "172195722131896929016219863647855734554", "85209029676351318747731804714519384534", "128476363946802797875715738922436780178", "188786580526042729090536825184102457802", "38750059063407106578287548250746794080", "280433627835158739246832508376367948168", "115195243983690700387679235797427848487", "28497837466466828555530547775074672949", "232851238681829191860770484752770535730", "14332735058671053862369157966369058376", "639264481716057732698937668712813043", "199449688797896323448982596893463449527", "223728705215577450627272125926198047975", "74838140874635469863925305459607784177", "233102728622324194891846364209967334893", "209123526563601927123312817515384233744", "293116565803711316209395983952786287272", "131598073221599931660238376172897795382", "206013581669320694799215687693155982070", "83907235697384819349674320071975754090", "244609994862317963412091264745543317928", "230081692248432352416534896923719861198", "32866157912230801726280077951821661892", "299738000164665679891441951661166419273", "83605534391905036122519259272944807752", "306375398714258577389934488532208686520", "300866347630261510580653324219535872771", "277997281149683037503427035286380026700", "48352254793231253499539373839989777018" ], "threshold": 0.9 }, "id": "CVE-2023-52735-e5f24b78" }, { "signature_version": "v1", "target": { "function": "sock_map_unhash", "file": "net/core/sock_map.c" }, "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f312367f5246e04df564d341044286e9e37a97ba", "deprecated": false, "digest": { "length": 352.0, "function_hash": "227861042937863967663281858505514499192" }, "id": "CVE-2023-52735-febe8884" } ] }