CVE-2023-52887

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52887
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52887.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52887
Downstream
Related
Published
2024-07-29T16:15:03Z
Modified
2025-09-26T14:44:50Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: can: j1939: enhanced error handling for tightly received RTS messages in xtprxrtssessionnew

This patch enhances error handling in scenarios with RTS (Request to Send) messages arriving closely. It replaces the less informative WARNONONCE backtraces with a new error handling method. This provides clearer error messages and allows for the early termination of problematic sessions. Previously, sessions were only released at the end of j1939xtprx_rts().

Potentially this could be reproduced with something like: testj1939 -r vcan0:0x80 & while true; do # send first RTS cansend vcan0 18EC8090#1014000303002301; # send second RTS cansend vcan0 18EC8090#1014000303002301; # send abort cansend vcan0 18EC8090#ff00000000002301; done

References

Affected packages