CVE-2023-34319: Linux Netback Driver Buffer Overflow via Extreme Packet Splitting
CVE-2023-34319 Published on September 22, 2023
Linux: buffer overrun in netback due to unusual packet
The fix for XSA-423 added logic to Linux'es netback driver to deal with
a frontend splitting a packet in a way such that not all of the headers
would come in one piece. Unfortunately the logic introduced there
didn't account for the extreme case of the entire packet being split
into as many pieces as permitted by the protocol, yet still being
smaller than the area that's specially dealt with to keep all (possible)
headers together. Such an unusual packet would therefore trigger a
buffer overrun in the driver.
Vulnerability Analysis
CVE-2023-34319 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
What is a Memory Corruption Vulnerability?
The software writes data past the end, or before the beginning, of the intended buffer. Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
CVE-2023-34319 has been classified to as a Memory Corruption vulnerability or weakness.
Products Associated with CVE-2023-34319
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-34319 are published in these products:
Affected Versions
Linux Version consult Xen advisory XSA-432 is unknown by CVE-2023-34319Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.