CVE-2023-35788
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Jun 16, 2023
Updated: Jun 26, 2024
CWE ID 787
Summary
CVE-2023-35788 is a vulnerability affecting the Linux kernel version prior to 6.3.7. A flaw was detected in the fl_set_geneve_opt function in net/sched/cls_flower.c. This issue allows an out-of-bounds write in the flower classifier code through TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. Consequences of this vulnerability include denial of service or potential privilege escalation.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share