108 Star 72 Fork 298

src-openEuler/kernel

CVE-2023-52435

Done
CVE和安全问题 owner
Opened this issue  
2024-02-21 04:31

Comments (16)

openeuler-ci-bot createdCVE和安全问题 a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
Expand operation logs

Hi openeuler-ci-bot, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at Here.
If you have any questions, please contact the SIG: Kernel, and any of the maintainers.

openeuler-ci-bot added
 
sig/Kernel
label
a year ago
参考网址 关联pr 状态 补丁链接
https://nvd.nist.gov/vuln/detail/CVE-2023-52435NoneNonehttps://git.kernel.org/stable/c/95b3904a261a9f810205da560e802cc326f50d77
https://git.kernel.org/stable/c/23d05d563b7e7b0314e65c8e882bc27eac2da8e7
https://ubuntu.com/security/CVE-2023-52435NoneNonehttps://discourse.ubuntu.com/c/ubuntu-pro
https://www.opencve.io/cve/CVE-2023-52435NoneNonehttps://git.kernel.org/stable/c/95b3904a261a9f810205da560e802cc326f50d77
https://git.kernel.org/stable/c/23d05d563b7e7b0314e65c8e882bc27eac2da8e7
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2023-52435
https://security-tracker.debian.org/tracker/CVE-2023-52435NoneNonehttps://git.kernel.org/linus/23d05d563b7e7b0314e65c8e882bc27eac2da8e7

说明:补丁链接仅供初步排查参考,实际可用性请人工再次确认,补丁下载验证可使用CVE补丁工具
若补丁不准确,烦请在此issue下评论 '/report-patch 参考网址 补丁链接1,补丁链接2' 反馈正确信息,便于我们不断优化工具,不胜感激。
如 /report-patch https://security-tracker.debian.org/tracker/CVE-2021-3997 https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1

openeuler-ci-bot changed description a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4635 a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4636 a year ago
openeuler-ci-bot changed description a year ago
openeuler-ci-bot changed description a year ago
openeuler-ci-bot changed description a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4650 a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4651 a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4655 a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4656 a year ago
openeuler-ci-bot changed description a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4662 a year ago
openeuler-ci-bot changed description a year ago
ci-robot through merging Pull Request !4662: v3 CVE-2023-52435 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
openeuler-ci-bot changed description a year ago
openeuler-ci-bot set assignee to CTC-Xibo.Wang a year ago
openeuler-ci-bot changed description a year ago
openeuler-ci-bot changed description a year ago
ci-robot related pull requestopenEuler/kernel Pull Request !4684 a year ago
openeuler-sync-bot through merging Pull Request !4681: [sync] PR-4662: v3 CVE-2023-52435 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-sync-bot through merging Pull Request !4682: [sync] PR-4662: v3 CVE-2023-52435 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
ci-robot through merging Pull Request !4684: v3 CVE-2023-52435 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
openeuler-ci-bot changed description a year ago
zhangjialin through merging Pull Request !1451: release 5.10.0-60.127.0 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
zhangjialin through merging Pull Request !1452: release 5.10.0-136.65.0 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
zhangjialin through merging Pull Request !1453: release 5.10.0-153.44.0 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
zhangjialin through merging Pull Request !1454: release 5.10.0-189.0.0 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
zhangjialin through merging Pull Request !1455: release 5.10.0-189.0.0 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
openeuler-ci-bot changed description a year ago
zhangchangzhong through merging Pull Request !1456: release 4.19.90-2402.6.0 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
hongrongxuan through merging Pull Request !1457: release 4.19.90-2402.6.0 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot changed issue state from 已完成 to 待办的 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
openeuler-ci-bot changed description a year ago
openeuler-ci-bot changed description a year ago

CVE-2023-52435
I92HXW

影响性分析说明:
A flaw was found in the Linux kernel’s net/core/skbuff.c subsystem. The GSO_BY_FRAGS is a forbidden value and allows the following computation in skb_segment() to reach it. The : mss = mss * partial_segs and many initial mss values can lead to a bad final result. Limit the segmentation so that the new mss value is smaller than GSO_BY_FRAGS.

openEuler评分:(评分和向量)
4.7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

受影响版本排查(受影响/不受影响):
1.openEuler-20.03-LTS-SP1(4.19.90):受影响
2.openEuler-20.03-LTS-SP3:受影响
3.openEuler-20.03-LTS-SP4:受影响
4.openEuler-22.03-LTS:受影响
5.openEuler-22.03-LTS-SP1:受影响
6.openEuler-22.03-LTS-SP2:受影响
7.openEuler-22.03-LTS-SP3:受影响
8.master(6.1.0):不受影响
9.openEuler-22.03-LTS-Next:受影响

修复是否涉及abi变化(是/否):
1.openEuler-20.03-LTS-SP1(4.19.90):否
2.openEuler-20.03-LTS-SP3:否
3.openEuler-20.03-LTS-SP4:否
4.openEuler-22.03-LTS:否
5.openEuler-22.03-LTS-SP1:否
6.openEuler-22.03-LTS-SP2:否
7.openEuler-22.03-LTS-SP3:否
8.master(6.1.0):否
9.openEuler-22.03-LTS-Next:否

openeuler-ci-bot changed description a year ago
郭梦琪 changed issue state from 待办的 to 已完成 a year ago
openeuler-ci-bot removed
 
CVE/UNFIXED
label
a year ago
openeuler-ci-bot removed
 
sig/Kernel
label
a year ago
openeuler-ci-bot added
 
CVE/FIXED
label
a year ago
openeuler-ci-bot added
 
sig/Kernel
label
a year ago
openeuler-ci-bot changed description a year ago
openeuler-ci-bot set start time to 2024-03-01 a year ago
openeuler-ci-bot set deadline to 2024-03-31 a year ago
openeuler-ci-bot set priority to Secondary a year ago

Sign in to comment

Status
Assignees
Projects
Duration (hours)
Planed to start   -   Planed to end
-
Top level
Priority
Branches
参与者(2)
5329419 openeuler ci bot 1632792936 郭梦琪-guo-mengqi
1
https://gitee.com/src-openeuler/kernel.git
git@gitee.com:src-openeuler/kernel.git
src-openeuler
kernel
kernel

Search