Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb->len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory contents.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.28, < 4.14.312 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/33d1603a38e05886c538129ddfe00bd52d347e7bPatch
- https://git.kernel.org/stable/c/70eb25c6a6cde149affe8a587371a3a8ad295ba0Patch
- https://git.kernel.org/stable/c/733580e268a53db1cd01f2251419da91866378f6Patch
- https://git.kernel.org/stable/c/ba6c40227108f8ee428e42eb0337b48ed3001e65Patch
- https://git.kernel.org/stable/c/d3c145a4d24b752c9a1314d5a595014d51471418Patch
- https://git.kernel.org/stable/c/e041bef1adee02999cf24f9a2e15ed452bc363fePatch
- https://git.kernel.org/stable/c/f2111c791d885211714db85f9a06188571c57dd0Patch
- https://git.kernel.org/stable/c/ff821092cf02a70c2bccd2d19269f01e29aa52cfPatch
FAQ
What is CVE-2023-53062?
CVE-2023-53062 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb->len Packet length retrieved from descriptor may be larger than the actual socket b...
How severe is CVE-2023-53062?
CVE-2023-53062 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-53062?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.