CVE-2023-52703: net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
In the Linux kernel, the following vulnerability has been resolved:
net/usb: kalmia: Don't pass actlen in usbbulkmsg error path
syzbot reported that actlen in kalmiasendinitpacket() is uninitialized when passing it to the first usbbulkmsg error path. Jiri Pirko noted that it's pointless to pass it in the error path, and that the value that would be printed in the second error path would be the value of actlen from the first call to usbbulkmsg.[1]
With this in mind, let's just not pass actlen to the usbbulkmsg error paths.
1: https://lore.kernel.org/lkml/Y9pY61y1nwTuzMOa@nanopsycho/
Other sources
In the Linux kernel, the following vulnerability has been resolved:
net/usb: kalmia: Don't pass actlen in usbbulkmsg error path
The Linux kernel CVE team has assigned CVE-2023-52703 to this issue.
Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024052157-CVE-2023-52703-abcb@gregkh/T
— Red Hat
Linux Kernel is vulnerable to a denial of service, caused by an error related to actlen in usbbulkmsg error path. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
— IBM
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of CVE-2023-52703?
CVE-2023-52703 is classified as a moderate severity vulnerability in the Linux kernel.
How do I fix CVE-2023-52703?
To fix CVE-2023-52703, update to the patched kernel versions: 4.14.306, 4.19.273, 5.4.232, 5.10.169, 5.15.95, 6.1.13, or 6.2.
What systems are affected by CVE-2023-52703?
CVE-2023-52703 affects various versions of the Linux kernel and specific IBM Security Verify Governance products.
Is CVE-2023-52703 exploited in the wild?
There is currently no public information indicating that CVE-2023-52703 is being actively exploited in the wild.
Who reported CVE-2023-52703?
CVE-2023-52703 was reported by syzbot, a tool for detecting bugs in the Linux kernel.