Spoofing attack in Linux kernel - CVE-2023-52881
Published: May 29, 2024 / Updated: May 14, 2025
Vulnerability identifier: #VU89895
CSH Severity: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-52881
CWE-ID: CWE-451
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to an error within the tcp_ack() function in net/ipv4/tcp_input.c, which can result in system accepting ACK responses for bytes that were never sent. A remote attacker can perform spoofing attack.
Remediation
Install updates from vendor's website.
External links
- https://git.kernel.org/stable/c/69eae75ca5255e876628ac5cee9eaab31f644b57
- https://git.kernel.org/stable/c/458f07ffeccd17f99942311e09ef574ddf4a414a
- https://git.kernel.org/stable/c/7ffff0cc929fdfc62a74b384c4903d6496c910f0
- https://git.kernel.org/stable/c/b17a886ed29f3b70b78ccf632dad03e0c69e3c1a
- https://git.kernel.org/stable/c/0d4e0afdd6658cd21dd5be61880411a2553fd1fc
- https://git.kernel.org/stable/c/008b807fe487e0b15a3a6c39add4eb477f73e440
- https://git.kernel.org/stable/c/2087d53a66e97a5eb5d1bf558d5bef9e5f891757
- https://git.kernel.org/stable/c/3d501dd326fb1c73f1b8206d4c6e1d7b15c07e27
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.333
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.302
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.204
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.143
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.264
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.68
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.7
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7