目标达成 感谢每一位支持者 — 我们达成了 100% 目标!

目标: 1000 元 · 已筹: 1336

100%

CVE-2023-52578— Linux kernel 安全漏洞

AI 预测 5.5 利用难度: 极易 EPSS 0.19% · P9

影响版本矩阵 16

厂商产品版本范围状态
LinuxLinux1c29fc4989bc2a3838b2837adc12b8aeb0feeede< d2346e6beb699909ca455d9d20c4e577ce900839affected
1c29fc4989bc2a3838b2837adc12b8aeb0feeede< ad8d39c7b437fcdab7208a6a56c093d222c008d5affected
1c29fc4989bc2a3838b2837adc12b8aeb0feeede< 04cc361f029c14dd067ad180525c7392334c9bfdaffected
1c29fc4989bc2a3838b2837adc12b8aeb0feeede< 8bc97117b51d68d5cea8f5351cca2d8c4153f394affected
1c29fc4989bc2a3838b2837adc12b8aeb0feeede< 89f9f20b1cbd36d99d5a248a4bf8d11d4fd049a2affected
1c29fc4989bc2a3838b2837adc12b8aeb0feeede< f2ef4cb4d418fa64fe73eb84d10cc5c0e52e00faaffected
1c29fc4989bc2a3838b2837adc12b8aeb0feeede< 44bdb313da57322c9b3c108eb66981c6ec6509f4affected
2.6.17affected
… +8 条更多
获取后续新漏洞提醒登录后订阅

一、 漏洞 CVE-2023-52578 基础信息

漏洞信息

对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
net: bridge: use DEV_STATS_INC()
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEV_STATS_INC() syzbot/KCSAN reported data-races in br_handle_frame_finish() [1] This function can run from multiple cpus without mutual exclusion. Adopt SMP safe DEV_STATS_INC() to update dev->stats fields. Handles updates to dev->stats.tx_dropped while we are at it. [1] BUG: KCSAN: data-race in br_handle_frame_finish / br_handle_frame_finish read-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 1: br_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189 br_nf_hook_thresh+0x1ed/0x220 br_nf_pre_routing_finish_ipv6+0x50f/0x540 NF_HOOK include/linux/netfilter.h:304 [inline] br_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178 br_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508 nf_hook_entry_hookfn include/linux/netfilter.h:144 [inline] nf_hook_bridge_pre net/bridge/br_input.c:272 [inline] br_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417 __netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417 __netif_receive_skb_one_core net/core/dev.c:5521 [inline] __netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637 process_backlog+0x21f/0x380 net/core/dev.c:5965 __napi_poll+0x60/0x3b0 net/core/dev.c:6527 napi_poll net/core/dev.c:6594 [inline] net_rx_action+0x32b/0x750 net/core/dev.c:6727 __do_softirq+0xc1/0x265 kernel/softirq.c:553 run_ksoftirqd+0x17/0x20 kernel/softirq.c:921 smpboot_thread_fn+0x30a/0x4a0 kernel/smpboot.c:164 kthread+0x1d7/0x210 kernel/kthread.c:388 ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 read-write to 0xffff8881374b2178 of 8 bytes by interrupt on cpu 0: br_handle_frame_finish+0xd4f/0xef0 net/bridge/br_input.c:189 br_nf_hook_thresh+0x1ed/0x220 br_nf_pre_routing_finish_ipv6+0x50f/0x540 NF_HOOK include/linux/netfilter.h:304 [inline] br_nf_pre_routing_ipv6+0x1e3/0x2a0 net/bridge/br_netfilter_ipv6.c:178 br_nf_pre_routing+0x526/0xba0 net/bridge/br_netfilter_hooks.c:508 nf_hook_entry_hookfn include/linux/netfilter.h:144 [inline] nf_hook_bridge_pre net/bridge/br_input.c:272 [inline] br_handle_frame+0x4c9/0x940 net/bridge/br_input.c:417 __netif_receive_skb_core+0xa8a/0x21e0 net/core/dev.c:5417 __netif_receive_skb_one_core net/core/dev.c:5521 [inline] __netif_receive_skb+0x57/0x1b0 net/core/dev.c:5637 process_backlog+0x21f/0x380 net/core/dev.c:5965 __napi_poll+0x60/0x3b0 net/core/dev.c:6527 napi_poll net/core/dev.c:6594 [inline] net_rx_action+0x32b/0x750 net/core/dev.c:6727 __do_softirq+0xc1/0x265 kernel/softirq.c:553 do_softirq+0x5e/0x90 kernel/softirq.c:454 __local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381 __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline] _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210 spin_unlock_bh include/linux/spinlock.h:396 [inline] batadv_tt_local_purge+0x1a8/0x1f0 net/batman-adv/translation-table.c:1356 batadv_tt_purge+0x2b/0x630 net/batman-adv/translation-table.c:3560 process_one_work kernel/workqueue.c:2630 [inline] process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2703 worker_thread+0x525/0x730 kernel/workqueue.c:2784 kthread+0x1d7/0x210 kernel/kthread.c:388 ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 value changed: 0x00000000000d7190 -> 0x00000000000d7191 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 14848 Comm: kworker/u4:11 Not tainted 6.6.0-rc1-syzkaller-00236-gad8a69f361b9 #0
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Linux kernel 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于br_handle_frame_finish()函数可以在多个 cpu 上运行,而不会相互排斥。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD

受影响产品

厂商产品影响版本CPE订阅
LinuxLinux 1c29fc4989bc2a3838b2837adc12b8aeb0feeede ~ d2346e6beb699909ca455d9d20c4e577ce900839 -
LinuxLinux 2.6.17 -

二、漏洞 CVE-2023-52578 的公开POC

#POC 描述源链接神龙链接
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC

三、漏洞 CVE-2023-52578 的情报信息

登录查看更多情报信息。

CVE-2023-52578 其他参考 (7)

同批安全公告 · Linux · 2024-03-02 · 共 57 条

CVE-2023-52562Linux kernel 安全漏洞
CVE-2023-52581Linux kernel 安全漏洞
CVE-2023-52573Linux kernel 安全漏洞
CVE-2023-52577Linux kernel 安全漏洞
CVE-2023-52576Linux kernel 安全漏洞
CVE-2023-52574Linux kernel 安全漏洞
CVE-2023-52580Linux kernel 安全漏洞
CVE-2023-52565Linux kernel 安全漏洞
CVE-2023-52564Linux kernel 安全漏洞
CVE-2023-52563Linux kernel 安全漏洞
CVE-2023-52566Linux kernel 安全漏洞
CVE-2023-52561Linux kernel 安全漏洞
CVE-2023-52560Linux kernel 安全漏洞
CVE-2023-52559Linux kernel 安全漏洞
CVE-2023-52518Linux kernel 安全漏洞
CVE-2023-52532Linux kernel 安全漏洞
CVE-2023-52531Linux kernel 安全漏洞
CVE-2023-52530Linux kernel 安全漏洞
CVE-2023-52529Linux kernel 安全漏洞
CVE-2023-52528Linux kernel 安全漏洞

显示前 20 条,共 57 条。 查看全部 &rarr; →

IV. Related Vulnerabilities

V. Comments for CVE-2023-52578

暂无评论


发表评论