CVE-2023-53344
📋 TL;DR
This CVE-2023-53344 is a Linux kernel vulnerability in the CAN (Controller Area Network) subsystem's bcm_tx_setup function where uninitialized memory can be accessed when memcpy_from_msg fails, potentially exposing kernel memory contents. It affects Linux systems using CAN networking, particularly automotive, industrial control, and embedded systems. The vulnerability could lead to information disclosure or kernel crashes.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel memory disclosure leading to information leakage, potential privilege escalation if combined with other vulnerabilities, or kernel panic causing system crash.
Likely Case
Information disclosure of kernel memory contents, potentially exposing sensitive data or causing system instability.
If Mitigated
Minimal impact with proper kernel hardening and CAN subsystem isolation.
🎯 Exploit Status
Requires ability to interact with CAN network interfaces and trigger specific error conditions in memcpy_from_msg.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 2b4c99f7d9a57ecd644eda9b1fb0a1072414959f, 2e6ad51c709fa794e0ce26003c9c9cd944e3383a, 3fa0f1e0e31b1b73cdf59d4c36c7242e6ef821be, 618b15d09fed6126356101543451d49860db4388, 78bc7f0ab99458221224d3ab97199c0f8e6861f1
Vendor Advisory: https://git.kernel.org/stable/c/2b4c99f7d9a57ecd644eda9b1fb0a1072414959f
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for specific patched kernel versions. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable CAN bcm protocol
linuxDisable the vulnerable CAN bcm protocol module if not required
modprobe -r can_bcm
echo 'blacklist can_bcm' >> /etc/modprobe.d/blacklist.conf
Restrict CAN interface access
linuxLimit access to CAN network interfaces to trusted users only
chmod 600 /dev/can*
setfacl -m u:trusted_user:rw /dev/can*
🧯 If You Can't Patch
- Implement network segmentation to isolate CAN networks from other systems
- Apply strict access controls to CAN interfaces and monitor for unusual activity
🔍 How to Verify
Check if Vulnerable:
Check if can_bcm module is loaded: lsmod | grep can_bcm AND check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits and can_bcm module loads without issues📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- KMSAN error reports
- CAN subsystem crashes in dmesg
Network Indicators:
- Unusual CAN bus traffic patterns
- Multiple failed CAN message transmissions
SIEM Query:
source="kernel" AND ("KMSAN" OR "uninit-value" OR "can_bcm" OR "bcm_tx_setup")🔗 References
- https://git.kernel.org/stable/c/2b4c99f7d9a57ecd644eda9b1fb0a1072414959f
- https://git.kernel.org/stable/c/2e6ad51c709fa794e0ce26003c9c9cd944e3383a
- https://git.kernel.org/stable/c/3fa0f1e0e31b1b73cdf59d4c36c7242e6ef821be
- https://git.kernel.org/stable/c/618b15d09fed6126356101543451d49860db4388
- https://git.kernel.org/stable/c/78bc7f0ab99458221224d3ab97199c0f8e6861f1
- https://git.kernel.org/stable/c/ab2a55907823f0bca56b6d03ea05e4071ba8535f
- https://git.kernel.org/stable/c/bf70e0eab64c625da84d9fdf4e84466b79418920
- https://git.kernel.org/stable/c/c11dbc7705b3739974ac31a13f4ab81e61a5fb07
