CVE-2023-52887
Published: Jul 29, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved:

net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new

This patch enhances error handling in scenarios with RTS (Request to Send) messages arriving closely. It replaces the less informative WARN_ON_ONCE backtraces with a new error handling method. This provides clearer error messages and allows for the early termination of problematic sessions. Previously, sessions were only released at the end of j1939_xtp_rx_rts().

Potentially this could be reproduced with something like:

```sh
testj1939 -r vcan0:0x80 &
while true; do
	# send first RTS
	cansend vcan0 18EC8090#1014000303002301;
	# send second RTS
	cansend vcan0 18EC8090#1014000303002301;
	# send abort
	cansend vcan0 18EC8090#ff00000000002301;
done
```
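To make the frames in the reproducer readable, the following added example (not part of the CVE record or the kernel patch) decodes J1939 TP.CM frames written in `cansend` syntax and flags an RTS that arrives while a session between the same source and destination is still open. It assumes the standard TP.CM layout (control byte 0x10 for RTS, 0xFF for abort) and simplifies session tracking so that only an abort closes a session; the function names are hypothetical.

```python
TP_CM_PF = 0xEC          # PDU format byte of TP.CM (PGN 0xEC00)
RTS, ABORT = 0x10, 0xFF  # TP.CM control bytes

# The three frames from the reproducer in the description, in loop order.
SAMPLE = [
    "18EC8090#1014000303002301",
    "18EC8090#1014000303002301",
    "18EC8090#ff00000000002301",
]

def decode_tp_cm(frame):
    """Parse 'ID#DATA' (cansend syntax); return a dict, or None if not TP.CM."""
    can_id, _, data = frame.partition("#")
    ident, payload = int(can_id, 16), bytes.fromhex(data)
    if (ident >> 16) & 0xFF != TP_CM_PF or len(payload) != 8:
        return None
    msg = {
        "priority": (ident >> 26) & 0x7,
        "da": (ident >> 8) & 0xFF,   # destination address (PDU1 format)
        "sa": ident & 0xFF,          # source address
        "control": payload[0],
        "pgn": int.from_bytes(payload[5:8], "little"),  # PGN being transported
    }
    if payload[0] == RTS:
        msg["size"] = int.from_bytes(payload[1:3], "little")  # total bytes
        msg["packets"] = payload[3]                           # total packets
    return msg

def find_repeated_rts(frames):
    """Indexes of RTS frames seen while the same (sa, da) session is open.

    Simplification (assumption of this example): only an abort closes a
    session; end-of-message acknowledgements are not tracked.
    """
    open_sessions, hits = set(), []
    for i, frame in enumerate(frames):
        msg = decode_tp_cm(frame)
        if msg is None:
            continue
        key = (msg["sa"], msg["da"])
        if msg["control"] == RTS:
            if key in open_sessions:
                hits.append(i)
            open_sessions.add(key)
        elif msg["control"] == ABORT:
            open_sessions.discard(key)
    return hits
```

On the reproducer's frames, the second RTS in each loop iteration is the one flagged: it targets destination 0x80 (the address `testj1939` listens on) from source 0x90 before the abort has closed the first session.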
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | affected 9d71dd0c70099914fcd063135da3c580865e924c - < ed581989d7ea9df6f8646beba2341e32cd49a1f9; affected 9d71dd0c70099914fcd063135da3c580865e924c - < f6c839e717901dbd6b1c1ca807b6210222eb70f6; affected 9d71dd0c70099914fcd063135da3c580865e924c - < 1762ca80c2b72dd1b5821c5e347713ae696276ea; affected 9d71dd0c70099914fcd063135da3c580865e924c - < 26b18dd30e63d4fd777be429148e8e4ed66f60b2; affected 9d71dd0c70099914fcd063135da3c580865e924c - < 177e33b655d35d72866b50aec84307119dc5f3d4; +2 more versions |
| Linux | Linux | affected 5.4; unaffected 0 - < 5.4; unaffected 5.4.279 - <= 5.4.*; unaffected 5.10.221 - <= 5.10.*; unaffected 5.15.162 - <= 5.15.*; +4 more versions |