QwikSec

Security Database

CVE

CWE

Training

CVE-2023-35788

Published: Jun 16, 2023

Modified: May 5, 2025

PUBLISHED

Description

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.openwall.com/lists/oss-security/2023/06/07/1

https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825c

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7

[oss-security] 20230617 Re: Linux kernel: off-by-one in fl_set_geneve_opt

mailing-list

vendor-advisory

https://security.netapp.com/advisory/ntap-20230714-0002/

[debian-lts-announce] 20230727 [SECURITY] [DLA 3508-1] linux security update

mailing-list

vendor-advisory

http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html

[debian-lts-announce] 20231019 [SECURITY] [DLA 3623-1] linux-5.10 security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.