CVE-2023-42755 in Linux
Summary
by MITRE • 10/25/2023
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.
Analysis
by VulDB Data Team • 07/24/2025
The vulnerability identified as CVE-2023-42755 represents a critical out-of-bounds read condition within the Linux kernel's implementation of the IPv4 Resource Reservation Protocol classifier. This flaw exists in the network subsystem where the RSVP protocol handles packet classification for resource reservation requests. The vulnerability manifests when processing incoming packets through the `rsvp_classify` function, which is responsible for determining how network traffic should be handled based on reservation parameters. The issue stems from improper bounds checking on the transport pointer within the socket buffer structure, creating a scenario where memory access extends beyond the allocated linear portion of the packet data structure.
The technical implementation of this vulnerability involves the manipulation of the xprt pointer within the socket buffer (skb) structure during RSVP packet processing. When the kernel attempts to classify packets using the RSVP protocol, it accesses memory locations that extend beyond the legitimate boundaries of the packet data buffer. This occurs because the validation logic fails to properly verify that pointer arithmetic remains within the confines of the allocated memory region. The flaw is classified as a buffer overflow condition that operates at the kernel level, making it particularly dangerous as it can be exploited by local users with minimal privileges. The specific nature of this vulnerability aligns with CWE-129, which addresses improper validation of array indices, and CWE-787, which covers out-of-bounds write operations.
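The bounds check whose absence is described above, as an added user-space example (not kernel code and not taken from the fix). `struct pkt_view`, `read_xprt_word` and `demo_read` are hypothetical names; deriving the transport pointer from the IPv4 IHL field and reading a 4-byte word at a caller-supplied offset are modelling assumptions, and the packet bytes are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical user-space stand-in for an skb: only the first
 * linear_len bytes at data are directly addressable. */
struct pkt_view {
    const uint8_t *data;  /* start of the IPv4 header */
    size_t linear_len;    /* size of the linear part */
};

/* Store the 32-bit word at (transport header + offset) in *out.
 * Returns -1 if any byte of that read lies outside the linear part. */
int read_xprt_word(const struct pkt_view *p, size_t offset, uint32_t *out)
{
    size_t ihl, room;
    if (p->linear_len < 20)                 /* minimal IPv4 header */
        return -1;
    ihl = (size_t)(p->data[0] & 0x0f) * 4;  /* header length from IHL (assumed model) */
    if (ihl < 20 || ihl > p->linear_len)
        return -1;
    room = p->linear_len - ihl;             /* bytes available after xprt */
    if (offset > room || room - offset < sizeof(*out))
        return -1;                          /* read would leave the buffer */
    memcpy(out, p->data + ihl + offset, sizeof(*out));
    return 0;
}

/* Constructed sample: 64-byte packet where byte i holds i (linear_len <= 64).
 * Returns the first byte read (its own index) or -1 when rejected. */
int demo_read(size_t linear_len, unsigned ihl_words, size_t offset)
{
    uint8_t buf[64];
    uint32_t word;
    struct pkt_view p = { buf, linear_len };
    for (size_t i = 0; i < sizeof(buf); i++)
        buf[i] = (uint8_t)i;
    buf[0] = (uint8_t)(0x40 | (ihl_words & 0x0f));  /* version 4 + IHL */
    if (read_xprt_word(&p, offset, &word) != 0)
        return -1;
    return ((const uint8_t *)&word)[0];
}

int main(void)
{
    printf("%d %d\n", demo_read(24, 5, 0), demo_read(24, 5, 1));
    return 0;
}
```

The subtraction-based comparisons avoid the integer wrap that `ihl + offset + 4 > linear_len` would allow for a very large offset.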
The operational impact of this vulnerability extends beyond simple denial of service, as it provides a potential pathway for privilege escalation and system instability. Local users can exploit this condition to trigger kernel memory corruption, resulting in system crashes, reboot cycles, and complete service disruption. The denial of service aspect is particularly concerning in networked environments where the kernel's network processing capabilities are essential for system operation. The vulnerability affects systems running Linux kernel versions that implement RSVP functionality, potentially impacting servers, routers, and any network infrastructure that relies on resource reservation protocols for traffic management. This flaw can be leveraged by malicious actors to disrupt network services, particularly in environments where RSVP is actively used for Quality of Service management and bandwidth reservation.
Mitigation strategies for CVE-2023-42755 should prioritize immediate kernel updates from vendors, as this vulnerability requires patching at the kernel level to address the underlying memory access validation issues. System administrators should implement comprehensive monitoring for unusual network behavior or kernel panics that might indicate exploitation attempts. The vulnerability's classification under ATT&CK technique T1059.003, which covers command and script injection, suggests that exploitation might occur through network-based attack vectors targeting the kernel's network processing modules. Organizations should also consider implementing network segmentation and access controls to limit potential exploitation paths, while maintaining regular vulnerability assessments to identify similar issues in other kernel components. The patching process must be carefully coordinated to ensure that network services remain operational during the update process, particularly in mission-critical environments where network availability is paramount.