What is the severity of CVE-2023-52735?

CVE-2023-52735 is classified as a high severity vulnerability in the Linux kernel.

How do I fix CVE-2023-52735?

To fix CVE-2023-52735, update the Linux kernel to version 5.15.95, 6.1.13, or 6.2 or later.

What systems are affected by CVE-2023-52735?

CVE-2023-52735 affects various versions of the Linux kernel including 5.15.x and 6.1.x before 6.2.

What kind of vulnerability is CVE-2023-52735?

CVE-2023-52735 is a recursive loop vulnerability in the BPF sockmap implementation of the Linux kernel.

Is CVE-2023-52735 exploitable remotely?

CVE-2023-52735 could be exploited by an attacker with local access to the system potentially resulting in denial of service.

Vulnerability/
CVE-2023-52735

critical

9.1

CWE

120

21/5/2024

2/4/2025

CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself

First published: Tue May 21 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself sock_map proto callbacks should never call themselves by design. Protect against bugs like [1] and break out of the recursive loop to avoid a stack overflow in favor of a resource leak. [1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
redhat/kernel	<5.15.95	5.15.95
redhat/kernel	<6.1.13	6.1.13
redhat/kernel	<6.2	6.2
Linux Kernel	<5.15.95
Linux Kernel	>=5.16<6.1.13
Linux Kernel	=6.2-rc1
Linux Kernel	=6.2-rc2
Linux Kernel	=6.2-rc3
Linux Kernel	=6.2-rc4
Linux Kernel	=6.2-rc5
Linux Kernel	=6.2-rc6

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-52735?
CVE-2023-52735 is classified as a high severity vulnerability in the Linux kernel.
How do I fix CVE-2023-52735?
To fix CVE-2023-52735, update the Linux kernel to version 5.15.95, 6.1.13, or 6.2 or later.
What systems are affected by CVE-2023-52735?
CVE-2023-52735 affects various versions of the Linux kernel including 5.15.x and 6.1.x before 6.2.
What kind of vulnerability is CVE-2023-52735?
CVE-2023-52735 is a recursive loop vulnerability in the BPF sockmap implementation of the Linux kernel.
Is CVE-2023-52735 exploitable remotely?
CVE-2023-52735 could be exploited by an attacker with local access to the system potentially resulting in denial of service.

agent/title
agent/first-publish-date
agent/type
agent/author
agent/weakness
agent/event
agent/references
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2023-52735
agent/software-canonical-lookup
agent/severity
collector/mitre-cve
source/MITRE
agent/source
collector/nvd-api
source/NVD
agent/remedy
agent/last-modified-date
agent/softwarecombine
agent/tags
package-manager/redhat
vendor/linux
canonical/linux kernel
version/linux kernel/5.16
version/linux kernel/6.2-rc1
version/linux kernel/6.2-rc2
version/linux kernel/6.2-rc3
version/linux kernel/6.2-rc4
version/linux kernel/6.2-rc5
version/linux kernel/6.2-rc6

Frequently Asked Questions

What is the severity of CVE-2023-52735?
CVE-2023-52735 is classified as a high severity vulnerability in the Linux kernel.
How do I fix CVE-2023-52735?
To fix CVE-2023-52735, update the Linux kernel to version 5.15.95, 6.1.13, or 6.2 or later.
What systems are affected by CVE-2023-52735?
CVE-2023-52735 affects various versions of the Linux kernel including 5.15.x and 6.1.x before 6.2.
What kind of vulnerability is CVE-2023-52735?
CVE-2023-52735 is a recursive loop vulnerability in the BPF sockmap implementation of the Linux kernel.
Is CVE-2023-52735 exploitable remotely?
CVE-2023-52735 could be exploited by an attacker with local access to the system potentially resulting in denial of service.

CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-52735?

How do I fix CVE-2023-52735?

What systems are affected by CVE-2023-52735?

What kind of vulnerability is CVE-2023-52735?

Is CVE-2023-52735 exploitable remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2023-52735?

How do I fix CVE-2023-52735?

What systems are affected by CVE-2023-52735?

What kind of vulnerability is CVE-2023-52735?

Is CVE-2023-52735 exploitable remotely?