CVE-2023-52941

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52941
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52941.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52941
Related
Published
2025-03-27T17:15:44Z
Modified
2025-03-28T18:11:49Z
Downstream
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

can: isotp: split tx timer into transmission and timeout

The timer for the transmission of isotp PDUs formerly had two functions: 1. send two consecutive frames with a given time gap 2. monitor the timeouts for flow control frames and the echo frames

This led to larger txstate checks and potentially to a problem discovered by syzbot which enabled the paniconwarn feature while testing.

The former 'txtimer' function is split into 'txfrtimer' and 'txtimer' to handle the two above functionalities with separate timer callbacks.

The two simplified timers now run in one-shot mode and make the state transitions (especially with isotprcvecho) better understandable.

References

Affected packages

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.11-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.11-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}