CVE-2023-53141

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-53141
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53141.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-53141
Related
Published
2025-05-02T16:15:33Z
Modified
2025-05-05T22:55:46.201594Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

ila: do not generate empty messages in ilaxlatnlcmdget_mapping()

ilaxlatnlcmdget_mapping() generates an empty skb, triggerring a recent sanity check [1].

Instead, return an error code, so that user space can get it.

[1] skbassertlen WARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 skbassertlen include/linux/skbuff.h:2527 [inline] WARNING: CPU: 0 PID: 5923 at include/linux/skbuff.h:2527 devqueuexmit+0x1bc0/0x3488 net/core/dev.c:4156 Modules linked in: CPU: 0 PID: 5923 Comm: syz-executor269 Not tainted 6.2.0-syzkaller-18300-g2ebd1fbb946d #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/21/2023 pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : skbassertlen include/linux/skbuff.h:2527 [inline] pc : _devqueuexmit+0x1bc0/0x3488 net/core/dev.c:4156 lr : skbassertlen include/linux/skbuff.h:2527 [inline] lr : _devqueuexmit+0x1bc0/0x3488 net/core/dev.c:4156 sp : ffff80001e0d6c40 x29: ffff80001e0d6e60 x28: dfff800000000000 x27: ffff0000c86328c0 x26: dfff800000000000 x25: ffff0000c8632990 x24: ffff0000c8632a00 x23: 0000000000000000 x22: 1fffe000190c6542 x21: ffff0000c8632a10 x20: ffff0000c8632a00 x19: ffff80001856e000 x18: ffff80001e0d5fc0 x17: 0000000000000000 x16: ffff80001235d16c x15: 0000000000000000 x14: 0000000000000000 x13: 0000000000000001 x12: 0000000000000001 x11: ff80800008353a30 x10: 0000000000000000 x9 : 21567eaf25bfb600 x8 : 21567eaf25bfb600 x7 : 0000000000000001 x6 : 0000000000000001 x5 : ffff80001e0d6558 x4 : ffff800015c74760 x3 : ffff800008596744 x2 : 0000000000000001 x1 : 0000000100000000 x0 : 000000000000000e Call trace: skbassertlen include/linux/skbuff.h:2527 [inline] _devqueuexmit+0x1bc0/0x3488 net/core/dev.c:4156 devqueuexmit include/linux/netdevice.h:3033 [inline] _netlinkdelivertapskb net/netlink/afnetlink.c:307 [inline] _netlinkdelivertap+0x45c/0x6f8 net/netlink/afnetlink.c:325 netlinkdelivertap+0xf4/0x174 net/netlink/afnetlink.c:338 _netlinksendskb net/netlink/afnetlink.c:1283 [inline] netlinksendskb+0x6c/0x154 net/netlink/afnetlink.c:1292 netlinkunicast+0x334/0x8d4 net/netlink/afnetlink.c:1380 nlmsgunicast include/net/netlink.h:1099 [inline] genlmsgunicast include/net/genetlink.h:433 [inline] genlmsgreply include/net/genetlink.h:443 [inline] ilaxlatnlcmdgetmapping+0x620/0x7d0 net/ipv6/ila/ilaxlat.c:493 genlfamilyrcvmsgdoit net/netlink/genetlink.c:968 [inline] genlfamilyrcvmsg net/netlink/genetlink.c:1048 [inline] genlrcvmsg+0x938/0xc1c net/netlink/genetlink.c:1065 netlinkrcvskb+0x214/0x3c4 net/netlink/afnetlink.c:2574 genlrcv+0x38/0x50 net/netlink/genetlink.c:1076 netlinkunicastkernel net/netlink/afnetlink.c:1339 [inline] netlinkunicast+0x660/0x8d4 net/netlink/afnetlink.c:1365 netlinksendmsg+0x800/0xae0 net/netlink/afnetlink.c:1942 socksendmsgnosec net/socket.c:714 [inline] socksendmsg net/socket.c:734 [inline] syssendmsg+0x558/0x844 net/socket.c:2479 _syssendmsg net/socket.c:2533 [inline] _syssendmsg+0x26c/0x33c net/socket.c:2562 _dosyssendmsg net/socket.c:2571 [inline] _sesyssendmsg net/socket.c:2569 [inline] _arm64syssendmsg+0x80/0x94 net/socket.c:2569 _invokesyscall arch/arm64/kernel/syscall.c:38 [inline] invokesyscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52 el0svccommon+0x138/0x258 arch/arm64/kernel/syscall.c:142 doel0svc+0x64/0x198 arch/arm64/kernel/syscall.c:193 el0svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637 el0t64synchandler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655 el0t64sync+0x190/0x194 arch/arm64/kernel/entry.S:591 irq event stamp: 136484 hardirqs last enabled at (136483): [<ffff800008350244>] _upconsolesem+0x60/0xb4 kernel/printk/printk.c:345 hardirqs last disabled at (136484): [<ffff800012358d60>] el1dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405 softirqs last enabled at (136418): [<ffff800008020ea8>] softirq_ha ---truncated---

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.178-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.20-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.20-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}