CVE-2023-52513: RDMA/siw: Fix connection failure handling

Published Mar 2, 2024
·
Updated

In the Linux kernel, the following vulnerability has been resolved:

RDMA/siw: Fix connection failure handling

In case immediate MPA request processing fails, the newly created endpoint unlinks the listening endpoint and is ready to be dropped. This special case was not handled correctly by the code handling the later TCP socket close, causing a NULL dereference crash in siwcmworkhandler() when dereferencing a NULL listener. We now also cancel the useless MPA timeout, if immediate MPA request processing fails.

This patch furthermore simplifies MPA processing in general: Scheduling a useless TCP socket read in skdataready() upcall is now surpressed, if the socket is already moved out of TCPESTABLISHED state.

Other sources

In the Linux kernel, the following vulnerability has been resolved:

RDMA/siw: Fix connection failure handling

The Linux kernel CVE team has assigned CVE-2023-52513 to this issue.

Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024030251-CVE-2023-52513-5224@gregkh/T/#u

Red Hat

Linux Kernel is vulnerable to a denial of service, caused by an error related to the handling of a connection failure. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.

IBM

Affected Software

19 affected componentsFixes available
redhat/kernel<5.4.258
5.4.258
redhat/kernel<5.10.198
5.10.198
redhat/kernel<5.15.135
5.15.135
redhat/kernel<6.1.57
6.1.57
redhat/kernel<6.5.7
6.5.7
redhat/kernel<6.6
6.6
Linux Linux kernel>=5.3<5.4.258
Linux Linux kernel>=5.5<5.10.198
Linux Linux kernel>=5.11<5.15.135
Linux Linux kernel>=5.16<6.1.57
Linux Linux kernel>=6.2<6.5.7
Linux Linux kernel=6.6-rc1
Linux Linux kernel=6.6-rc2
Linux Linux kernel=6.6-rc3
Linux Linux kernel=6.6-rc4
IBM Security Verify Governance<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Software Stack<=ISVG 10.0.2
IBM Security Verify Governance, Identity Manager Virtual Appliance<=ISVG 10.0.2
IBM Security Verify Governance Identity Manager Container<=ISVG 10.0.2

Remediation

Patch Available

https://git.kernel.org/stable/c/0d520cdb0cd095eac5d00078dfd318408c9b5eed

Patch Available

https://git.kernel.org/stable/c/53a3f777049771496f791504e7dc8ef017cba590

Patch Available

https://git.kernel.org/stable/c/5cf38e638e5d01b68f9133968a85e8b3fd1ecf2f

Patch Available

https://git.kernel.org/stable/c/6e26812e289b374c17677d238164a5a8f5770594

Patch Available

https://git.kernel.org/stable/c/81b7bf367eea795d259d0261710c6a89f548844d

Patch Available

https://git.kernel.org/stable/c/eeafc50a77f6a783c2c44e7ec3674a7b693e06f8

Event History

Mar 2, 2024
CVE Published
via MITRE·09:52 PM
Data Sourced
via MITRE·09:52 PM
Description
Mar 4, 2024
Data Sourced
via Red Hat·07:48 PM
DescriptionSeverityAffected Software

Parent advisories

This vulnerability appears in the following advisories.

Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2023-52513?

CVE-2023-52513 has been classified as having a medium severity level due to potential disruption in connection handling.

2

How do I fix CVE-2023-52513?

To fix CVE-2023-52513, update to the latest kernel version mentioned in the vulnerability advisory, such as 5.4.258, 5.10.198, 5.15.135, 6.1.57, 6.5.7, or 6.6.

3

Which systems are affected by CVE-2023-52513?

CVE-2023-52513 affects various versions of the Linux kernel, specifically versions prior to 5.4.258, 5.10.198, 5.15.135, 6.1.57, 6.5.7, and 6.6.

4

What type of vulnerability is CVE-2023-52513?

CVE-2023-52513 is categorized as a connection handling vulnerability within the Linux kernel related to RDMA/siw.

5

When was CVE-2023-52513 discovered?

CVE-2023-52513 was publicly disclosed in October 2023 following the identification and resolution of the issue in the Linux kernel.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203