CVE-2023-3268: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-3268 is an out-of-bounds (OOB) memory access vulnerability discovered in the Linux kernel's relayfs implementation, specifically in the relay_file_read_start_pos function in kernel/relay.c. The vulnerability was disclosed on June 16, 2023, affecting Linux kernel versions prior to 6.4-rc1 (NVD, CVE).

The vulnerability occurs when the read_start variable points to the end of the last subbuf in relay_file_read. The issue arises under specific conditions: when both the last produced byte and last consumed byte are at the end of the last subbuf, and a softirq interrupts relay_file_read_avail() to write to the subbuf. This leads to an invalid memory address calculation in the from = buf->start + read_start operation (Kernel Patch). The vulnerability has been assigned a CVSS v3.1 base score of 7.1 (HIGH) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

This vulnerability could allow a local attacker to crash the system (denial of service) or leak kernel internal information (CVE, NetApp Advisory).

The vulnerability has been fixed in Linux kernel version 6.4-rc1 with a patch that modifies the relay_file_read_start_pos function to properly handle buffer calculations. Various Linux distributions have backported the fix, including Debian in versions 6.1.37-1 for bookworm and 5.10.191-1 for bullseye (Debian Advisory, Debian Advisory).