A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
| Link | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-23-547/ | third party advisory vdb entry |
| https://bugzilla.redhat.com/show_bug.cgi?id=2196292 | third party advisory issue tracking |
| http://www.openwall.com/lists/oss-security/2023/05/17/8 | mailing list |
| http://www.openwall.com/lists/oss-security/2023/05/17/9 | mailing list |
| http://www.openwall.com/lists/oss-security/2023/05/18/1 | mailing list |
| http://www.openwall.com/lists/oss-security/2023/05/19/1 | mailing list |
| https://security.netapp.com/advisory/ntap-20230622-0001/ | third party advisory mailing list |
| https://www.debian.org/security/2023/dsa-5448 | vendor advisory third party advisory vdb entry |
| https://www.debian.org/security/2023/dsa-5453 | vendor advisory third party advisory vdb entry |
| https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html | third party advisory mailing list |