CVE-2023-53117

Description

In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369

CVSS Metrics

• v3.1•HIGH•Score: 7.1CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

EPSS Trends

Current EPSS score: 0.06%• Percentile: 18%

Techniques & Countermeasures

• CWE-125•Out-of-bounds Read

  The product reads data past the end, or before the beginning, of the intended buffer.

Affected Systems

• linux•linux

  ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < f31cd5da636682caea424fa1c22679016cbfc16b | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 3d5d9501b634fd268eb56428cda92cd317752d69 | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 6631c8da02cfad96c53b217cf647b511c7f34faf | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < a759905de9cd6ec9ca08ceadf0920272772ed830 | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < f8cd8754a03a3748384ee438c572423643c9c315 | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < cec08b7d1ebcd3138d4658b3868ce26aeb1e8e06 | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < eea8e4e056a5ffbeb539a13854c017d5d62c756a | ≥ 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, < 609d54441493c99f21c1823dfd66fa7f4c512ff4 | 2.6.12

• linux•linux_kernel

  < 4.14.310 | ≥ 4.15, < 4.19.278 | ≥ 4.20, < 5.4.237 | ≥ 5.5, < 5.10.175 | ≥ 5.11, < 5.15.103 | ≥ 5.16, < 6.1.20 | ≥ 6.2, < 6.2.7 | 6.3:rc1

References (8)

• https://git.kernel.org/stable/c/f31cd5da636682caea424fa1c22679016cbfc16b
• https://git.kernel.org/stable/c/3d5d9501b634fd268eb56428cda92cd317752d69
• https://git.kernel.org/stable/c/6631c8da02cfad96c53b217cf647b511c7f34faf
• https://git.kernel.org/stable/c/a759905de9cd6ec9ca08ceadf0920272772ed830
• https://git.kernel.org/stable/c/f8cd8754a03a3748384ee438c572423643c9c315
• https://git.kernel.org/stable/c/cec08b7d1ebcd3138d4658b3868ce26aeb1e8e06
• https://git.kernel.org/stable/c/eea8e4e056a5ffbeb539a13854c017d5d62c756a
• https://git.kernel.org/stable/c/609d54441493c99f21c1823dfd66fa7f4c512ff4