[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2023-52435":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":68,"aliases":69,"duplicate_of":9,"upstream":70,"downstream":71,"duplicates":126,"related":127,"reserved_at":9,"published_at":139,"modified_at":140,"state":141,"summary":142,"references_raw":151,"kevs":187,"epss":188,"epss_history":191,"metrics":452,"affected":458},"CVE-2023-52435","In the Linux kernel, the following vulnerability has been resolved:\n\nnet: prevent mss overflow in skb_segment()\n\nOnce again syzbot is able to crash the kernel in skb_segment() [1]\n\nGSO_BY_FRAGS is a forbidden value, but unfortunately the following\ncomputation in skb_segment() can reach it quite easily :\n\n\tmss = mss * partial_segs;\n\n65535 = 3 * 5 * 17 * 257, so many initial values of mss can lead to\na bad final result.\n\nMake sure to limit segmentation so that the new mss value is smaller\nthan GSO_BY_FRAGS.\n\n[1]\n\ngeneral protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]\nCPU: 1 PID: 5079 Comm: syz-executor993 Not tainted 6.7.0-rc4-syzkaller-00141-g1ae4cd3cbdd0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003C0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R08: 0000000000000005 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000002 R12: ffff888063202ac0\nR13: 0000000000010000 R14: 000000000000ffff R15: 0000000000000046\nFS: 0000555556e7e380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020010000 CR3: 0000000027ee2000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003CTASK>\nudp6_ufo_fragment+0xa0e/0xd00 net/ipv6/udp_offload.c:109\nipv6_gso_segment+0x534/0x17e0 net/ipv6/ip6_offload.c:120\nskb_mac_gso_segment+0x290/0x610 net/core/gso.c:53\n__skb_gso_segment+0x339/0x710 net/core/gso.c:124\nskb_gso_segment include/net/gso.h:83 [inline]\nvalidate_xmit_skb+0x36c/0xeb0 net/core/dev.c:3626\n__dev_queue_xmit+0x6f3/0x3d60 net/core/dev.c:4338\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\npacket_xmit+0x257/0x380 net/packet/af_packet.c:276\npacket_snd net/packet/af_packet.c:3087 [inline]\npacket_sendmsg+0x24c6/0x5220 net/packet/af_packet.c:3119\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n__sys_sendto+0x255/0x340 net/socket.c:2190\n__do_sys_sendto net/socket.c:2202 [inline]\n__se_sys_sendto net/socket.c:2198 [inline]\n__x64_sys_sendto+0xe0/0x1b0 net/socket.c:2198\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7f8692032aa9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003C48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff8d685418 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8692032aa9\nRDX: 0000000000010048 RSI: 00000000200000c0 RDI: 0000000000000003\nRBP: 00000000000f4240 R08: 0000000020000540 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fff8d685480\nR13: 0000000000000001 R14: 00007fff8d685480 R15: 0000000000000003\n\u003C/TASK>\nModules linked in:\n---[ end trace 0000000000000000 ]---\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003C0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R0\n---truncated---",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-119","Improper Restriction of Operations within the Bounds of a Memory Buffer","The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.","weakness","Stable","Class","High",[20,24,28,32,36,40,44,48,52,56,60,64],{"id":21,"name":22,"techniques":23},"CAPEC-10","Buffer Overflow via Environment Variables",[],{"id":25,"name":26,"techniques":27},"CAPEC-100","Overflow Buffers",[],{"id":29,"name":30,"techniques":31},"CAPEC-123","Buffer Manipulation",[],{"id":33,"name":34,"techniques":35},"CAPEC-14","Client-side Injection-induced Buffer Overflow",[],{"id":37,"name":38,"techniques":39},"CAPEC-24","Filter Failure through Buffer Overflow",[],{"id":41,"name":42,"techniques":43},"CAPEC-42","MIME Conversion",[],{"id":45,"name":46,"techniques":47},"CAPEC-44","Overflow Binary Resource File",[],{"id":49,"name":50,"techniques":51},"CAPEC-45","Buffer Overflow via Symbolic Links",[],{"id":53,"name":54,"techniques":55},"CAPEC-46","Overflow Variables and Tags",[],{"id":57,"name":58,"techniques":59},"CAPEC-47","Buffer Overflow via Parameter Expansion",[],{"id":61,"name":62,"techniques":63},"CAPEC-8","Buffer Overflow in an API Call",[],{"id":65,"name":66,"techniques":67},"CAPEC-9","Buffer Overflow in Local Command-Line Utilities",[],[],[],[],[72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124],{"_key":73},"SUSE-SU-2024:2802-1",{"_key":75},"SUSE-SU-2024:2894-1",{"_key":77},"SUSE-SU-2024:2892-1",{"_key":79},"SUSE-SU-2024:2901-1",{"_key":81},"SUSE-SU-2024:2940-1",{"_key":83},"SUSE-SU-2024:2896-1",{"_key":85},"SUSE-SU-2024:2939-1",{"_key":87},"SUSE-SU-2024:2947-1",{"_key":89},"SUSE-SU-2024:2973-1",{"_key":91},"DLA-3842-1",{"_key":93},"DSA-5681-1",{"_key":95},"SUSE-SU-2025:20008-1",{"_key":97},"SUSE-SU-2025:20028-1",{"_key":99},"DEBIAN-CVE-2023-52435",{"_key":101},"UBUNTU-CVE-2023-52435",{"_key":103},"USN-6724-1",{"_key":105},"USN-6724-2",{"_key":107},"USN-6766-1",{"_key":109},"USN-6766-2",{"_key":111},"USN-6766-3",{"_key":113},"USN-6767-1",{"_key":115},"USN-6767-2",{"_key":117},"USN-6795-1",{"_key":119},"USN-6828-1",{"_key":121},"USN-6926-1",{"_key":123},"USN-6926-2",{"_key":125},"USN-6926-3",[],[128,129,130,131,132,133,134,135,136,137,138],{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":95},{"_key":97},"2024-02-20T18:27:27.245Z","2026-05-11T19:27:17.851Z","Modified",{"cisa_kev":143,"cisa_ransomware":143,"cisa_vendor":9,"epss_severity":144,"epss_score":145,"severity":146,"severity_score":147,"severity_version":148,"severity_source":149,"severity_vector":150,"severity_status":141},false,"low",0.00017,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[152,157,162,166,170,174,178,182],{"url":153,"sources":154,"tags":156},"https://git.kernel.org/stable/c/0d3ffbbf8631d6db0552f46250015648991c856f",[155,149],"cve.org",[],{"url":158,"sources":159,"tags":160},"https://git.kernel.org/stable/c/cd1022eaf87be8e6151435bd4df4c242c347e083",[155,149],[161],"Patch",{"url":163,"sources":164,"tags":165},"https://git.kernel.org/stable/c/8f8f185643747fbb448de6aab0efa51c679909a3",[155,149],[161],{"url":167,"sources":168,"tags":169},"https://git.kernel.org/stable/c/6c53e8547687d9c767c139cd4b50af566f58c29a",[155,149],[161],{"url":171,"sources":172,"tags":173},"https://git.kernel.org/stable/c/989b0ff35fe5fc9652ee5bafbe8483db6f27b137",[155,149],[161],{"url":175,"sources":176,"tags":177},"https://git.kernel.org/stable/c/95b3904a261a9f810205da560e802cc326f50d77",[155,149],[161],{"url":179,"sources":180,"tags":181},"https://git.kernel.org/stable/c/23d05d563b7e7b0314e65c8e882bc27eac2da8e7",[155,149],[161],{"url":183,"sources":184,"tags":185},"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",[155,149],[186],"X Transferred",[],{"date":189,"score":145,"percentile":190},"2026-06-03",0.04243,[192,195,198,201,204,207,210,212,215,218,221,224,227,229,232,236,239,242,245,248,251,254,257,260,263,265,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,327,330,333,336,338,341,344,347,350,353,356,359,362,365,368,371,374,377,379,382,384,387,391,394,397,400,403,406,409,412,414,417,420,423,426,429,431,434,436,438,440,443,446,449],{"date":193,"score":145,"percentile":194},"2025-11-04",0.02814,{"date":196,"score":145,"percentile":197},"2025-11-05",0.02838,{"date":199,"score":145,"percentile":200},"2025-11-06",0.02865,{"date":202,"score":145,"percentile":203},"2025-11-07",0.02874,{"date":205,"score":145,"percentile":206},"2025-11-08",0.02883,{"date":208,"score":145,"percentile":209},"2025-11-09",0.02886,{"date":211,"score":145,"percentile":200},"2025-11-10",{"date":213,"score":145,"percentile":214},"2025-11-11",0.02888,{"date":216,"score":145,"percentile":217},"2025-11-12",0.02907,{"date":219,"score":145,"percentile":220},"2025-11-13",0.02934,{"date":222,"score":145,"percentile":223},"2025-11-14",0.02955,{"date":225,"score":145,"percentile":226},"2025-11-15",0.02983,{"date":228,"score":145,"percentile":226},"2025-11-16",{"date":230,"score":145,"percentile":231},"2025-11-17",0.0297,{"date":233,"score":234,"percentile":235},"2025-11-18",0.0009,0.21821,{"date":237,"score":234,"percentile":238},"2025-11-19",0.21833,{"date":240,"score":234,"percentile":241},"2025-11-20",0.21842,{"date":243,"score":145,"percentile":244},"2025-11-21",0.03053,{"date":246,"score":145,"percentile":247},"2025-11-22",0.03051,{"date":249,"score":145,"percentile":250},"2025-11-23",0.03045,{"date":252,"score":145,"percentile":253},"2025-11-24",0.03034,{"date":255,"score":145,"percentile":256},"2025-11-25",0.03015,{"date":258,"score":145,"percentile":259},"2025-11-26",0.02995,{"date":261,"score":145,"percentile":262},"2025-11-27",0.02996,{"date":264,"score":145,"percentile":262},"2025-11-28",{"date":266,"score":145,"percentile":267},"2025-11-29",0.03047,{"date":269,"score":145,"percentile":270},"2025-11-30",0.03048,{"date":272,"score":145,"percentile":273},"2025-12-01",0.03126,{"date":275,"score":145,"percentile":276},"2025-12-02",0.03123,{"date":278,"score":145,"percentile":279},"2025-12-03",0.03125,{"date":281,"score":145,"percentile":282},"2025-12-04",0.03052,{"date":284,"score":145,"percentile":285},"2025-12-05",0.03078,{"date":287,"score":145,"percentile":288},"2025-12-06",0.03097,{"date":290,"score":145,"percentile":291},"2025-12-07",0.03102,{"date":293,"score":145,"percentile":294},"2025-12-08",0.03104,{"date":296,"score":145,"percentile":297},"2025-12-09",0.03132,{"date":299,"score":145,"percentile":300},"2025-12-10",0.03169,{"date":302,"score":145,"percentile":303},"2025-12-11",0.03172,{"date":305,"score":145,"percentile":306},"2025-12-12",0.03182,{"date":308,"score":145,"percentile":309},"2025-12-13",0.03155,{"date":311,"score":145,"percentile":312},"2025-12-14",0.03154,{"date":314,"score":145,"percentile":315},"2025-12-15",0.03137,{"date":317,"score":145,"percentile":318},"2025-12-16",0.03135,{"date":320,"score":145,"percentile":321},"2025-12-17",0.03166,{"date":323,"score":145,"percentile":324},"2025-12-18",0.03175,{"date":326,"score":145,"percentile":324},"2025-12-19",{"date":328,"score":145,"percentile":329},"2025-12-20",0.03174,{"date":331,"score":145,"percentile":332},"2025-12-21",0.03188,{"date":334,"score":145,"percentile":335},"2025-12-22",0.03171,{"date":337,"score":145,"percentile":306},"2025-12-23",{"date":339,"score":145,"percentile":340},"2025-12-24",0.03193,{"date":342,"score":145,"percentile":343},"2025-12-25",0.03209,{"date":345,"score":145,"percentile":346},"2025-12-26",0.03207,{"date":348,"score":145,"percentile":349},"2025-12-27",0.03181,{"date":351,"score":145,"percentile":352},"2025-12-28",0.03197,{"date":354,"score":145,"percentile":355},"2025-12-29",0.0319,{"date":357,"score":145,"percentile":358},"2025-12-30",0.03165,{"date":360,"score":145,"percentile":361},"2025-12-31",0.03167,{"date":363,"score":145,"percentile":364},"2026-01-01",0.03245,{"date":366,"score":145,"percentile":367},"2026-01-02",0.03239,{"date":369,"score":145,"percentile":370},"2026-01-03",0.03238,{"date":372,"score":145,"percentile":373},"2026-01-04",0.0315,{"date":375,"score":145,"percentile":376},"2026-01-05",0.0314,{"date":378,"score":145,"percentile":318},"2026-01-06",{"date":380,"score":145,"percentile":381},"2026-01-07",0.03158,{"date":383,"score":145,"percentile":332},"2026-01-08",{"date":385,"score":145,"percentile":386},"2026-01-09",0.032,{"date":388,"score":389,"percentile":390},"2026-01-10",0.00015,0.02629,{"date":392,"score":389,"percentile":393},"2026-01-11",0.02611,{"date":395,"score":389,"percentile":396},"2026-01-12",0.02568,{"date":398,"score":389,"percentile":399},"2026-01-13",0.02559,{"date":401,"score":389,"percentile":402},"2026-01-14",0.02562,{"date":404,"score":389,"percentile":405},"2026-01-15",0.02555,{"date":407,"score":389,"percentile":408},"2026-01-16",0.02552,{"date":410,"score":389,"percentile":411},"2026-01-17",0.02556,{"date":413,"score":389,"percentile":399},"2026-01-18",{"date":415,"score":389,"percentile":416},"2026-01-19",0.02548,{"date":418,"score":389,"percentile":419},"2026-01-20",0.02535,{"date":421,"score":389,"percentile":422},"2026-01-21",0.02528,{"date":424,"score":389,"percentile":425},"2026-01-22",0.02524,{"date":427,"score":389,"percentile":428},"2026-01-23",0.02533,{"date":430,"score":389,"percentile":411},"2026-01-24",{"date":432,"score":389,"percentile":433},"2026-01-25",0.02551,{"date":435,"score":389,"percentile":416},"2026-01-26",{"date":437,"score":389,"percentile":416},"2026-01-27",{"date":439,"score":389,"percentile":433},"2026-01-28",{"date":441,"score":389,"percentile":442},"2026-01-29",0.02573,{"date":444,"score":389,"percentile":445},"2026-01-30",0.02583,{"date":447,"score":389,"percentile":448},"2026-01-31",0.02604,{"date":450,"score":389,"percentile":451},"2026-02-01",0.02663,[453],{"source":149,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":454,"cvss_v4_0":9},{"baseScore":147,"baseSeverity":455,"vectorString":150,"impactScore":456,"exploitabilityScore":457},"MEDIUM",6,4.6,[459,491],{"ecosystem":9,"name":460,"vendor":461,"product":461,"cpe_part":462,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":463},"Linux","linux","a",[464,471,474,477,480,483,486,489],{"version":465,"is_range":466,"range_type":155,"version_start":467,"version_start_type":468,"version_end":469,"version_end_type":470,"fixed_in":9},">= 3953c46c3ac7eef31a9935427371c6f54a22f1ba, \u003C 0d3ffbbf8631d6db0552f46250015648991c856f",true,"3953c46c3ac7eef31a9935427371c6f54a22f1ba","including","0d3ffbbf8631d6db0552f46250015648991c856f","excluding",{"version":472,"is_range":466,"range_type":155,"version_start":467,"version_start_type":468,"version_end":473,"version_end_type":470,"fixed_in":9},">= 3953c46c3ac7eef31a9935427371c6f54a22f1ba, \u003C cd1022eaf87be8e6151435bd4df4c242c347e083","cd1022eaf87be8e6151435bd4df4c242c347e083",{"version":475,"is_range":466,"range_type":155,"version_start":467,"version_start_type":468,"version_end":476,"version_end_type":470,"fixed_in":9},">= 3953c46c3ac7eef31a9935427371c6f54a22f1ba, \u003C 8f8f185643747fbb448de6aab0efa51c679909a3","8f8f185643747fbb448de6aab0efa51c679909a3",{"version":478,"is_range":466,"range_type":155,"version_start":467,"version_start_type":468,"version_end":479,"version_end_type":470,"fixed_in":9},">= 3953c46c3ac7eef31a9935427371c6f54a22f1ba, \u003C 6c53e8547687d9c767c139cd4b50af566f58c29a","6c53e8547687d9c767c139cd4b50af566f58c29a",{"version":481,"is_range":466,"range_type":155,"version_start":467,"version_start_type":468,"version_end":482,"version_end_type":470,"fixed_in":9},">= 3953c46c3ac7eef31a9935427371c6f54a22f1ba, \u003C 989b0ff35fe5fc9652ee5bafbe8483db6f27b137","989b0ff35fe5fc9652ee5bafbe8483db6f27b137",{"version":484,"is_range":466,"range_type":155,"version_start":467,"version_start_type":468,"version_end":485,"version_end_type":470,"fixed_in":9},">= 3953c46c3ac7eef31a9935427371c6f54a22f1ba, \u003C 95b3904a261a9f810205da560e802cc326f50d77","95b3904a261a9f810205da560e802cc326f50d77",{"version":487,"is_range":466,"range_type":155,"version_start":467,"version_start_type":468,"version_end":488,"version_end_type":470,"fixed_in":9},">= 3953c46c3ac7eef31a9935427371c6f54a22f1ba, \u003C 23d05d563b7e7b0314e65c8e882bc27eac2da8e7","23d05d563b7e7b0314e65c8e882bc27eac2da8e7",{"version":490,"is_range":143,"range_type":155,"version_start":490,"version_start_type":468,"version_end":490,"version_end_type":468,"fixed_in":9},"4.8",{"ecosystem":9,"name":492,"vendor":461,"product":493,"cpe_part":494,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":495},"linux kernel","linux_kernel","o",[496,500,504,508,512,516,518,520,522,524],{"version":497,"is_range":466,"range_type":498,"version_start":9,"version_start_type":9,"version_end":499,"version_end_type":470,"fixed_in":9},"lt5.4.269","cpe","5.4.269",{"version":501,"is_range":466,"range_type":498,"version_start":502,"version_start_type":468,"version_end":503,"version_end_type":470,"fixed_in":9},"gte5.5.0_lt5.10.210","5.5.0","5.10.210",{"version":505,"is_range":466,"range_type":498,"version_start":506,"version_start_type":468,"version_end":507,"version_end_type":470,"fixed_in":9},"gte5.11.0_lt5.15.149","5.11.0","5.15.149",{"version":509,"is_range":466,"range_type":498,"version_start":510,"version_start_type":468,"version_end":511,"version_end_type":470,"fixed_in":9},"gte5.16.0_lt6.1.79","5.16.0","6.1.79",{"version":513,"is_range":466,"range_type":498,"version_start":514,"version_start_type":468,"version_end":515,"version_end_type":470,"fixed_in":9},"gte6.2.0_lt6.6.11","6.2.0","6.6.11",{"version":517,"is_range":143,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.7:rc1",{"version":519,"is_range":143,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.7:rc2",{"version":521,"is_range":143,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.7:rc3",{"version":523,"is_range":143,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.7:rc4",{"version":525,"is_range":143,"range_type":498,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.7:rc5"]