Home

Description

In the Linux kernel, the following vulnerability has been resolved: dccp: Fix out of bounds access in DCCP error handler There was a previous attempt to fix an out-of-bounds access in the DCCP error handlers, but that fix assumed that the error handlers only want to access the first 8 bytes of the DCCP header. Actually, they also look at the DCCP sequence number, which is stored beyond 8 bytes, so an explicit pskb_may_pull() is required.

PUBLISHED Reserved 2025-12-08 | Published 2025-12-09 | Updated 2025-12-09 | Assigner Linux

Product status

Default status
unaffected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before 3533e10272555c422a7d51ebc0ce8c483429f7f2
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before 177212bf6dc1ff2d13d0409cddc5c9e81feec63d
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before 7a7dd70cb954d3efa706a429687ded88c02496fa
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before 4b8a938e329ae4eb54b73b0c87b5170607b038a8
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before 6ecf09699eb1554299aa1e7fd13e9e80f656c2f9
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before f8a7f10a1dccf9868ff09342a73dce27501b86df
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before d8171411a661253e6271fa10b65b46daf1b6471c
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before ec620c34f5fa5d055f9f6136a387755db6157712
affected

6706a97fec963d6cb3f7fc2978ec1427b4651214 (git) before 977ad86c2a1bcaf58f01ab98df5cc145083c489c
affected

96106a207ae972d8f9e4815e84c159f29e4bbee7 (git)
affected

261def571d19d3b4e2228643c5c0ac89f5e10d15 (git)
affected

dbf1719c65fb0368a94d15767c669e47e295a073 (git)
affected

46b1ffd4738a3ee04b2e8f5a4b8cfc39e9c722a2 (git)
affected

a2df29ed840f90e459a3f8ff029b216be3912731 (git)
affected

ba93cf7d2118774c0b2dcfccc8ae999427815caa (git)
affected

4ca7e66fcce02459fa6961979f9fe30ae1098cf0 (git)
affected

bd380617d5d161ea2bbe7a8073b3ca7bca0381e5 (git)
affected

bfe7d1dee859cad6802f8e21a0a863f408114612 (git)
affected

968953df833c61fce5adcc0612efeaced24e5719 (git)
affected

99131760a8851e6e5b2c9b24d0a68a3068923a08 (git)
affected

84d9c612bb7a9e44c6bf286bedfbe72a6d2d71d4 (git)
affected

Default status
affected

4.9
affected

Any version before 4.9
unaffected

4.14.326 (semver)
unaffected

4.19.295 (semver)
unaffected

5.4.257 (semver)
unaffected

5.10.195 (semver)
unaffected

5.15.132 (semver)
unaffected

6.1.53 (semver)
unaffected

6.4.16 (semver)
unaffected

6.5.3 (semver)
unaffected

6.6 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/3533e10272555c422a7d51ebc0ce8c483429f7f2

git.kernel.org/...c/177212bf6dc1ff2d13d0409cddc5c9e81feec63d

git.kernel.org/...c/7a7dd70cb954d3efa706a429687ded88c02496fa

git.kernel.org/...c/4b8a938e329ae4eb54b73b0c87b5170607b038a8

git.kernel.org/...c/6ecf09699eb1554299aa1e7fd13e9e80f656c2f9

git.kernel.org/...c/f8a7f10a1dccf9868ff09342a73dce27501b86df

git.kernel.org/...c/d8171411a661253e6271fa10b65b46daf1b6471c

git.kernel.org/...c/ec620c34f5fa5d055f9f6136a387755db6157712

git.kernel.org/...c/977ad86c2a1bcaf58f01ab98df5cc145083c489c

cve.org (CVE-2023-53782)

nvd.nist.gov (CVE-2023-53782)

Download JSON