Login Sign Up

CVE-2023-52745

5.5 MEDIUM
Denial of Service

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's IP over InfiniBand (IPoIB) subsystem allows local attackers to cause a kernel panic and system crash. This affects systems using legacy IPoIB interfaces on devices that don't support multiple queues. The vulnerability is triggered when creating child PKEY interfaces with multiple queues on hardware that only supports single queues.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution, generally 6.1.x and earlier with IPoIB support)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems using IPoIB (InfiniBand) networking with legacy single-queue hardware. Most standard Ethernet systems are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local denial of service causing complete system crash and kernel panic, requiring physical or remote console access to reboot.

🟠

Likely Case

Local denial of service when creating IPoIB PKEY interfaces on incompatible hardware, leading to system instability.

🟢

If Mitigated

No impact if systems don't use IPoIB interfaces or have already patched the kernel.

🌐 Internet-Facing: LOW - Requires local access to trigger, not remotely exploitable.
🏢 Internal Only: MEDIUM - Local users or processes can crash systems using IPoIB, affecting availability of critical infrastructure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: LOW - Simple local trigger via IPoIB interface creation.

Exploitation requires local access and IPoIB configuration privileges. No known public exploits.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 1b4ef90cbcfa603b3bb536fbd6f261197012b6f6, 4a779187db39b2f32d048a752573e56e4e77807f, 7197460dcd43ff0e4a502ba855dd82d37c2848cc, b1afb666c32931667c15ad1b58e7203f0119dcaf, e632291a2dbce45a24cddeb5fe28fe71d724ba43

Vendor Advisory: https://git.kernel.org/stable/c/1b4ef90cbcfa603b3bb536fbd6f261197012b6f6

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. For RHEL/CentOS: yum update kernel. 3. For Ubuntu/Debian: apt update && apt upgrade linux-image. 4. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable IPoIB interfaces

linux

Prevent creation of IPoIB PKEY interfaces on affected hardware.

modprobe -r ib_ipoib
echo 'blacklist ib_ipoib' >> /etc/modprobe.d/blacklist.conf

Restrict IPoIB configuration

linux

Limit which users can create IPoIB interfaces using capabilities or sudo restrictions.

setcap -r /sbin/ip
chmod 750 /sbin/ip

🧯 If You Can't Patch

  • Disable IPoIB module loading entirely if not needed for production.
  • Implement strict access controls to prevent unauthorized users from creating network interfaces.

🔍 How to Verify

Check if Vulnerable:

Check if IPoIB is loaded and kernel version is vulnerable: lsmod | grep ib_ipoib && uname -r

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commits: grep -i 'commit.*1b4ef90cbcfa603b3bb536fbd6f261197012b6f6' /boot/config-$(uname -r) || echo 'Check kernel changelog'

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages in /var/log/messages or dmesg
  • 'NULL pointer dereference' errors with IPoIB references
  • System crash/reboot events coinciding with network interface creation

Network Indicators:

  • Sudden loss of IPoIB connectivity
  • Interface creation failures

SIEM Query:

event_source:kernel AND (message:"NULL pointer dereference" OR message:"IPoIB" OR message:"ib_ipoib")

📊 Metadata

CVE ID: CVE-2023-52745
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-476
Published: May 21, 2024
Last Updated: March 6, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52745, you might also want to check these:

CVE-2022-36648 10.0

This CVE describes a vulnerability in QEMU's hardware emulation where a malformed program executed i...

Same vulnerability type (CWE-476)
CVE-2019-20914 9.8

This vulnerability in GNU LibreDWG is a NULL pointer dereference that can cause application crashes ...

Same vulnerability type (CWE-476)
CVE-2022-30592 9.8

This vulnerability in LiteSpeed QUIC (LSQUIC) before version 3.1.0 involves improper handling of MAX...

Same vulnerability type (CWE-476)