CVE-2023-52807

7.8 HIGH

📋 TL;DR

This vulnerability in the Linux kernel's hns3 network driver allows out-of-bounds memory access when reading coalesce information via debugfs. Attackers with local access could potentially read sensitive kernel memory or cause system instability. Systems using affected Linux kernel versions with the hns3 driver are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel with hns3 network driver
Versions: Specific affected kernel versions not specified in CVE, but patches available for stable kernel trees
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires hns3 driver to be loaded and debugfs mounted/accessible. Debugfs typically mounted at /sys/kernel/debug/.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Local privilege escalation to kernel-level access, information disclosure of sensitive kernel memory, or system crash/DoS.
🟠 Likely Case: Information disclosure of kernel memory contents to local users, potentially revealing sensitive data or causing system instability.
🟢 If Mitigated: Minimal impact if debugfs access is restricted to privileged users only and proper access controls are in place.

🌐 Internet-Facing: LOW - Requires local access to debugfs interface, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or compromised accounts could exploit this to gain kernel memory access or cause system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM - Requires local access and ability to read from debugfs interface.

Exploitation requires reading from specific debugfs files related to coalesce information in the hns3 driver.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in stable kernel releases via commits referenced in CVE

Vendor Advisory: https://git.kernel.org/stable/c/07f5b8c47152cadbd9102e053dcb60685820aa09

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution.
2. Reboot system to load new kernel.
3. Verify hns3 driver is updated.

🔧 Temporary Workarounds

Restrict debugfs access

linux

Mount debugfs with restricted permissions or unmount it entirely to prevent access to the vulnerable interface.

umount /sys/kernel/debug
mount -t debugfs -o mode=0750,uid=0,gid=0 debugfs /sys/kernel/debug

Disable hns3 driver

linux

Remove or blacklist the hns3 driver if it is not required for system functionality.

modprobe -r hns3
echo 'blacklist hns3' > /etc/modprobe.d/blacklist-hns3.conf

🧯 If You Can't Patch

  • Restrict debugfs access to root only using mount options or filesystem permissions
  • Implement strict access controls to prevent non-privileged users from accessing /sys/kernel/debug/

🔍 How to Verify

Check if Vulnerable:

Check if the hns3 driver is loaded: lsmod | grep hns3. Check the kernel version against patched releases.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to include patches from referenced commits. Check /sys/kernel/debug/hns3/ contents are accessible without issues.
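
An added example, not part of the advisory or the kernel project: a shell check for the preconditions listed in the Notes above (hns3 loaded, debugfs mounted and reachable). The function names and verdict strings are assumptions of this example, the "other" permission bits stand in for non-privileged access, and the check does not tell you whether the running kernel carries the fix.

```shell
#!/bin/sh
# Added example, not from the advisory: checks the preconditions named on this
# page (hns3 loaded, debugfs mounted and reachable by unprivileged users).
# Function names and verdict strings are assumptions of this example.

# hns3_loaded FILE: succeed if FILE (/proc/modules format) lists module hns3.
hns3_loaded() {
    awk '$1 == "hns3" { found = 1 } END { exit !found }' "$1"
}

# debugfs_mountpoints FILE: print each debugfs mount point listed in FILE
# (/proc/mounts format: device mountpoint fstype options dump pass).
debugfs_mountpoints() {
    awk '$3 == "debugfs" { print $2 }' "$1"
}

# world_accessible DIR: succeed if DIR grants any permission to "other".
world_accessible() {
    # Characters 8-10 of the ls mode string are the "other" triplet;
    # a capital T is the sticky bit without execute, so it counts as "-".
    other=$(ls -ld "$1" | cut -c8-10 | sed 's/T/-/')
    [ "$other" != "---" ]
}

# assess MODULES_FILE MOUNTS_FILE: print a one-line verdict.
assess() {
    if ! hns3_loaded "$1"; then
        echo "not-applicable: hns3 not loaded"
        return 0
    fi
    mps=$(debugfs_mountpoints "$2")
    if [ -z "$mps" ]; then
        echo "reduced: hns3 loaded, debugfs not mounted"
        return 0
    fi
    for mp in $mps; do
        if world_accessible "$mp"; then
            echo "exposed: hns3 loaded, $mp open to all users"
            return 0
        fi
    done
    echo "restricted: hns3 loaded, debugfs closed to other users"
}

# On a live host: assess /proc/modules /proc/mounts
```

A "restricted" or "reduced" verdict only reflects the workaround state; patching the kernel remains the fix.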

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops or panic logs related to hns3 driver
  • Access to /sys/kernel/debug/hns3/coalesce files in audit logs

Network Indicators:

  • No direct network indicators - local vulnerability

SIEM Query:

Search for process access to /sys/kernel/debug/hns3/coalesce* files by non-privileged users
