CVE-2023-54105

NONE EPSS 7.2%
Published Dec 24, 20256mo ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 24, 2025 6mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: can: isotp: check CAN address family in isotp_bind() Add missing check to block non-AF_CAN binds. Syzbot created some code which matched the right sockaddr struct size but used AF_XDP (0x2C) instead of AF_CAN (0x1D) in the address family field: bind$xdp(r2, &(0x7f0000000540)={0x2c, 0x0, r4, 0x0, r2}, 0x10) ^^^^ This has no funtional impact but the userspace should be notified about the wrong address family field content.

Threat Intelligence

EPSS Exploit Probability
7.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

References 5

  • git.kernel.org https://git.kernel.org/stable/c/2fc6f337257f4f7c21ecff429241f7acaa6df4e8
  • git.kernel.org https://git.kernel.org/stable/c/9427584c2f153d0677ef3bad6f44028c60d728c4
  • git.kernel.org https://git.kernel.org/stable/c/c6adf659a8ba85913e16a571d5a9bcd17d3d1234
  • git.kernel.org https://git.kernel.org/stable/c/dd4faace51e41a82a8c0770ee0cc26088f9d9d06
  • git.kernel.org https://git.kernel.org/stable/c/de3c02383aa678f6799402ac47fdd89cf4bfcaa9

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.