CVE-2023-35788

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jun 16, 2023
Updated: Jun 26, 2024
CWE ID 787

Summary

CVE-2023-35788 is a vulnerability affecting the Linux kernel version prior to 6.3.7. A flaw was detected in the fl_set_geneve_opt function in net/sched/cls_flower.c. This issue allows an out-of-bounds write in the flower classifier code through TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. Consequences of this vulnerability include denial of service or potential privilege escalation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share