In the Linux kernel, the following vulnerability has been resolved:
can: dev: canputechoskb(): don't crash kernel if canpriv::echo_skb is accessed out of bounds
If the "struct canpriv::echooskb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message and return with an error.
{ "vanir_signatures": [ { "id": "CVE-2023-52878-2a669863", "signature_type": "Function", "target": { "file": "drivers/net/can/dev/skb.c", "function": "can_put_echo_skb" }, "deprecated": false, "digest": { "length": 914.0, "function_hash": "180548695764272940808099423409285163353" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4" }, { "id": "CVE-2023-52878-57484ce6", "signature_type": "Line", "target": { "file": "drivers/net/can/dev/skb.c" }, "deprecated": false, "digest": { "line_hashes": [ "209343666927790319430285497563407528140", "88763634699663085546243101204357391803", "135979079754482119589339673114150315895", "261347742569828057133491004917623102444" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4" }, { "id": "CVE-2023-52878-643acc68", "signature_type": "Line", "target": { "file": "drivers/net/can/dev/skb.c" }, "deprecated": false, "digest": { "line_hashes": [ "209343666927790319430285497563407528140", "88763634699663085546243101204357391803", "135979079754482119589339673114150315895", "261347742569828057133491004917623102444" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6411959c10fe917288cbb1038886999148560057" }, { "id": "CVE-2023-52878-73f88eeb", "signature_type": "Function", "target": { "file": "drivers/net/can/dev/skb.c", "function": "can_put_echo_skb" }, "deprecated": false, "digest": { "length": 914.0, "function_hash": "180548695764272940808099423409285163353" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6411959c10fe917288cbb1038886999148560057" }, { "id": "CVE-2023-52878-8fce03f2", "signature_type": "Function", "target": { "file": "drivers/net/can/dev/skb.c", "function": "can_put_echo_skb" }, "deprecated": false, "digest": { "length": 914.0, "function_hash": "180548695764272940808099423409285163353" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53c468008a7c9ca3f5fc985951f35ec2acae85bc" }, { "id": "CVE-2023-52878-beb135ce", "signature_type": "Line", "target": { "file": "drivers/net/can/dev/skb.c" }, "deprecated": false, "digest": { "line_hashes": [ "209343666927790319430285497563407528140", "88763634699663085546243101204357391803", "135979079754482119589339673114150315895", "261347742569828057133491004917623102444" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@53c468008a7c9ca3f5fc985951f35ec2acae85bc" }, { "id": "CVE-2023-52878-c5cb8609", "signature_type": "Line", "target": { "file": "drivers/net/can/dev/skb.c" }, "deprecated": false, "digest": { "line_hashes": [ "209343666927790319430285497563407528140", "88763634699663085546243101204357391803", "135979079754482119589339673114150315895", "106724280181149421093889619462892384554" ], "threshold": 0.9 }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@826120c9ba68f2d0dbae58e99013929c883d1444" }, { "id": "CVE-2023-52878-ececbdaa", "signature_type": "Function", "target": { "file": "drivers/net/can/dev/skb.c", "function": "can_put_echo_skb" }, "deprecated": false, "digest": { "length": 755.0, "function_hash": "12265814507889341263455332527036850933" }, "signature_version": "v1", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@826120c9ba68f2d0dbae58e99013929c883d1444" } ] }