{"id":"CVE-2023-1390","details":"A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.","modified":"2026-03-13T06:51:04.401964Z","published":"2023-03-16T21:15:11.447Z","related":["SUSE-SU-2023:1800-1","SUSE-SU-2023:1801-1","SUSE-SU-2023:1803-1","SUSE-SU-2023:1811-1","SUSE-SU-2023:1848-1","SUSE-SU-2023:1892-1","SUSE-SU-2023:1894-1","SUSE-SU-2023:2232-1","SUSE-SU-2023:2660-1","SUSE-SU-2023:2666-1","SUSE-SU-2023:2679-1","SUSE-SU-2023:2681-1","SUSE-SU-2023:2686-1","SUSE-SU-2023:2689-1","SUSE-SU-2023:2690-1","SUSE-SU-2023:2694-1","SUSE-SU-2023:2695-1","SUSE-SU-2023:2698-1","SUSE-SU-2023:2701-1","SUSE-SU-2023:2702-1","SUSE-SU-2023:2708-1","SUSE-SU-2023:2710-1","SUSE-SU-2023:2718-1","SUSE-SU-2023:2719-1","SUSE-SU-2023:2724-1","SUSE-SU-2023:2727-1","SUSE-SU-2023:2741-1","SUSE-SU-2023:2805-1"],"references":[{"type":"WEB","url":"https://infosec.exchange/%40_mattata/109427999461122360"},{"type":"ADVISORY","url":"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20230420-0001/"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.3"},{"fixed":"4.9.253"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.217"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.170"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.92"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.10"}]},{"events":[{"introduced":"0"},{"last_affected":"5.11-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.11-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.11-rc3"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1390.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}