CVE-2023-3611

CVSS V2 None CVSS V3 None
Description
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64.
Overview
  • CVE ID
  • CVE-2023-3611
  • Assigner
  • Google
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-07-21T20:49:10.812Z
  • Last Modified Date
  • 2023-07-22T09:43:12.163Z
History
Created Old Value New Value Data Type Notes
2024-06-24 21:08:51 Added to TrackCVE