Wind River Support Network

HomeDefectsLIN1021-5935
Fixed

LIN1021-5935 : Security Advisory - linux - CVE-2023-35788

Created: Jun 18, 2023    Updated: Jun 28, 2023
Resolved Date: Jun 19, 2023
Found In Version: 10.21.20.1
Fix Version: 10.21.20.19
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel

Description

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

CREATE(Triage):(User=admin) CVE-2023-35788 (https://nvd.nist.gov/vuln/detail/CVE-2023-35788)

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube