CVE-2023-1390

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-1390

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1390.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-1390

Downstream

DEBIAN-CVE-2023-1390

RHSA-2021:1578

RHSA-2021:1739

RHSA-2023:3190

RHSA-2023:3191

RHSA-2023:4125

RHSA-2023:4126

RHSA-2023:4146

SUSE-SU-2023:1800-1

SUSE-SU-2023:1801-1

SUSE-SU-2023:1803-1

SUSE-SU-2023:1811-1

SUSE-SU-2023:1848-1

SUSE-SU-2023:1892-1

SUSE-SU-2023:1894-1

SUSE-SU-2023:2232-1

SUSE-SU-2023:2660-1

SUSE-SU-2023:2666-1

SUSE-SU-2023:2679-1

SUSE-SU-2023:2681-1

SUSE-SU-2023:2686-1

SUSE-SU-2023:2689-1

SUSE-SU-2023:2690-1

SUSE-SU-2023:2694-1

SUSE-SU-2023:2695-1

SUSE-SU-2023:2698-1

SUSE-SU-2023:2701-1

SUSE-SU-2023:2702-1

SUSE-SU-2023:2708-1

SUSE-SU-2023:2710-1

SUSE-SU-2023:2718-1

SUSE-SU-2023:2719-1

SUSE-SU-2023:2724-1

SUSE-SU-2023:2727-1

SUSE-SU-2023:2741-1

SUSE-SU-2023:2805-1

UBUNTU-CVE-2023-1390

USN-6045-1

Related

Published

2023-03-16T21:15:11Z

Modified

2025-08-09T20:01:26Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipclinkxmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.

References

Affected packages