CVE-2023-34256

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access.

CVSS v3.0 5.5 MEDIUM

5.5^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f04351888a83e595571de672e0a4a8b74f4fb31	Mailing List Patch
https://syzkaller.appspot.com/bug?extid=8785e41224a3afd04321	Mailing List Patch
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.3	Mailing List Patch
https://bugzilla.suse.com/show_bug.cgi?id=1211895	Issue Tracking Patch Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html	Mailing List Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:suse:linux_enterprise:15.0:sp4::::::
	cpe:2.3:o:suse:linux_enterprise:15.0:sp5::::::
	cpe:2.3:o:suse:linux_enterprise:12.0:sp5::::::

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Information

Published : 2023-05-31 20:15

Updated : 2023-11-15 02:51

NVD link : CVE-2023-34256

Mitre link : CVE-2023-34256

JSON object : View

Products Affected

linux

linux_kernel

debian

debian_linux

suse

linux_enterprise

CWE

CWE-125

Out-of-bounds Read

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f04351888a83e595571de672e0a4a8b74f4fb31", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f04351888a83e595571de672e0a4a8b74f4fb31", "tags": ["Mailing List", "Patch"], "refsource": "MISC"}, {"url": "https://syzkaller.appspot.com/bug?extid=8785e41224a3afd04321", "name": "https://syzkaller.appspot.com/bug?extid=8785e41224a3afd04321", "tags": ["Mailing List", "Patch"], "refsource": "MISC"}, {"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.3", "name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.3", "tags": ["Mailing List", "Patch"], "refsource": "MISC"}, {"url": "https://bugzilla.suse.com/show_bug.cgi?id=1211895", "name": "https://bugzilla.suse.com/show_bug.cgi?id=1211895", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html", "name": "[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MLIST"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html", "name": "[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MLIST"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated \"When modifying the block device while it is mounted by the filesystem\" access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-125"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-34256", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2023-05-31T20:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.3.3"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:15.0:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:15.0:sp5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:suse:linux_enterprise:12.0:sp5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-11-15T02:51Z"}