Wind River Support Network

HomeDefectsLIN1023-969
Fixed

LIN1023-969 : Security Advisory - linux - CVE-2023-35788

Created: Jun 18, 2023    Updated: Apr 17, 2024
Resolved Date: Jun 20, 2023
Found In Version: 10.23.30.1
Fix Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Kernel

Description

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

CREATE(Triage):(User=admin) CVE-2023-35788 (https://nvd.nist.gov/vuln/detail/CVE-2023-35788)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube