retired/CVE-2023-2163


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15

Description: bpf: Fix incorrect verifier pruning due to missing register precision taints
References:
 https://github.com/google/security-research/security/advisories/GHSA-j87x-j6mh-mv8v#event-102578
Notes:
 carnil> Commit fixes b5dc0163d8fd ("bpf: precise scalar_value
 carnil> tracking") in 5.3-rc1.
Bugs:
upstream: released (6.3) [71b547f561247897a0a14f3082730156c0533fed]
6.1-upstream-stable: released (6.1.26) [89603f4c9154e818b9ead1abe08545a053c66ded]
5.10-upstream-stable: released (5.10.179) [b1281d008845ae9a4de9ef7510dcc1667557a67a]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.1.27-1)
6.1-bookworm-security: N/A "Fixed before branching point"
5.10-bullseye-security: released (5.10.179-1)
4.19-buster-security: N/A "Vulnerable code not present"