#VU76392 Reachable Assertion in Linux kernel - CVE-2023-2156

Cybersecurity Help s.r.o.

Published: 2023-05-19 | Updated: 2023-10-05

Vulnerability identifier: #VU76392

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-2156

CWE-ID: CWE-617

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling IPv6 RPL protocol. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel: before 6.3.8, 6.3.8

External links
https://www.zerodayinitiative.com/advisories/ZDI-23-547/
https://bugzilla.redhat.com/show_bug.cgi?id=2196292
https://www.openwall.com/lists/oss-security/2023/05/17/9
https://www.openwall.com/lists/oss-security/2023/05/17/8
https://www.openwall.com/lists/oss-security/2023/05/18/1

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Amazon Linux AMI update for kernel

Multiple vulnerabilities in Dell RecoverPoint for Virtual Machines

Multiple vulnerabilities in Dell ObjectScale

Amazon Linux AMI update for kernel-livepatch

Multiple vulnerabilities in Dell EMC VxRail Appliance

SUSE update for the Linux Kernel

Anolis OS update for kernel