QwikSec

Security Database

CVE

CWE

Training

CVE-2023-31436

Published: Apr 28, 2023

Modified: Oct 21, 2024

PUBLISHED

Description

qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/3037933448f60f9acb705997eae62013ecb81e0d

https://www.spinics.net/lists/stable-commits/msg294885.html

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13

vendor-advisory

[debian-lts-announce] 20230605 [SECURITY] [DLA 3446-1] linux-5.10 security update

mailing-list

https://security.netapp.com/advisory/ntap-20230609-0001/

http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html

http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html

http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.