CVE-2023-45871

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 15, 2023
Updated: Jan 11, 2024
CWE ID 131

Summary

CVE-2023-45871 is a vulnerability affecting the IGB driver in the Linux kernel prior to version 6.5.3. The issue lies in the handling of frames larger than the Maximum Transmission Unit (MTU) in the drivers/net/ethernet/intel/igb/igb_main.c file. Specifically, an insufficient buffer size may lead to buffer overflows and potential memory corruption. Exploitation of this vulnerability could result in denial of service attacks or even privilege escalation, posing a significant risk to systems using the affected kernel versions.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share