- CVE-2023-52906
- Suggested Configuration
- OR
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.10.0 up to (excluding) 5.10.164
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.15.0 up to (excluding) 5.15.89
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.4.0 up to (excluding) 5.4.229
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.1.0 up to (excluding) 6.1.7
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2.0 up to (excluding) 6.2
- Reference
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.164
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.89
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.229
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.7
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.2
- Reference (Commit)
- net/sched: act_mpls: Fix warning during failed attribute validation
- Fixed by
- 5.10.164 (453277feb41c2235cf2c0de9209eef962c401457)
- 5.15.89 (9e2c38827cdc6fdd3bb375c8607fc04d289756f9)
- 5.4.229 (2b157c3c5d6b8ddca48d53c9e662032f65af8d61)
- 6.1.7 (8a97b544b98e44f596219ebb290fd2ba2fd5d644)
- 6.2 (9e17f99220d111ea031b44153fdfe364b0024ff2) (upstream)
- Will be introduced by
- 5.3 (2a2ea50870ba)
- I Checked
- XXXXXXXXXXXXXXXXXXXXXXXXXXXX is written as upstream commit in each ChangeLog
- From XXXXXXXX commit page, XXXXXXXXXXX is the most oldest in commit-branches area
- For 3.16.35, there is related post at lkml
- For 3.16 series, 3.16.35 is the next release from 3.16.7 which was released at 2014
- https://mirrors.edge.kernel.org/pub/linux/kernel/v3.x/
- XXXX
witchcraze
commented
1 week ago
[CVE Configuration Update Request] Update Suggestion - CVE-2023-52906 - Cvss3 : 7.8
https://www.linuxkernelcves.com/cves/CVE-2023-52906 https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2023-52906.yml https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2023-52906.json