Description

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

Related CPE's

o

linux

linux_kernel

Vulnerable

o

debian

debian_linux

11.0

Vulnerable

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html

https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html

https://www.debian.org/security/2023/dsa-5324

Third Party Advisory

https://www.openwall.com/lists/oss-security/2023/01/10/1

Mailing ListThird Party Advisory

https://www.openwall.com/lists/oss-security/2023/01/10/4

Mailing ListThird Party Advisory

Weaknesses

[email protected]

Primary
CWE-843

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-12T07:15:08.193

2 years ago

Last modified

2023-05-03T14:15:31.060

2 years ago