CVE-2023-35788

moderate-risk

Published 2023-06-16

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Affected Products (14)

Linux Kernel

Debian Linux

H300S Firmware

H500S Firmware

H700S Firmware

H410S Firmware

H410C Firmware

Ubuntu Linux

Debian Linux

Affected Vendors

Debian Linux Canonical Netapp

References (20)

Third Party Advisory http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LS...

Exploit http://www.openwall.com/lists/oss-security/2023/06/17/1

Mailing List https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7

Patch https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825c

Mailing List https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html

Mailing List https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html

Third Party Advisory https://security.netapp.com/advisory/ntap-20230714-0002/

Third Party Advisory https://www.debian.org/security/2023/dsa-5448

Third Party Advisory https://www.debian.org/security/2023/dsa-5480

Exploit https://www.openwall.com/lists/oss-security/2023/06/07/1