exploitDog

CVE-2023-35788

Опубликовано: 16 июн. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

Ссылки

http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2023/06/17/1
Exploit
Mailing List
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7
Mailing List
Patch
https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825c
Patch
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230714-0002/
Third Party Advisory
https://www.debian.org/security/2023/dsa-5448
Third Party Advisory
https://www.debian.org/security/2023/dsa-5480
Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/06/07/1
Exploit
Mailing List
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2023/06/17/1
Exploit
Mailing List
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7
Mailing List
Patch
https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825c
Patch
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html
Mailing List
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230714-0002/
Third Party Advisory
https://www.debian.org/security/2023/dsa-5448
Third Party Advisory
https://www.debian.org/security/2023/dsa-5480
Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/06/07/1
Exploit
Mailing List

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.19 (включая) до 4.19.285 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 4.20 (включая) до 5.4.246 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.5 (включая) до 5.10.183 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.116 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 6.1.33 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.3.7 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

Конфигурация 6

Одновременно

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

Конфигурация 7

Одновременно

cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*

Конфигурация 8

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*

Конфигурация 9

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00009

Низкий

7.8 High

CVSS3

Дефекты

CWE-787

CWE-787

Связанные уязвимости

CVE-2023-35788

CVSS3: 7.8

ubuntu

около 2 лет назад

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

CVE-2023-35788

CVSS3: 7.8

redhat

около 2 лет назад

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

CVE-2023-35788

CVSS3: 7.8

msrc

почти 2 года назад

Описание отсутствует

CVE-2023-35788

CVSS3: 7.8

debian

около 2 лет назад

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c ...

SUSE-SU-2023:3115-1

suse-cvrf

почти 2 года назад

Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP4)

EPSS

Процентиль: 1%

0.00009

Низкий

7.8 High

CVSS3

Дефекты

CWE-787

CWE-787