CVE-2023-3773

CVSS V2 None CVSS V3 None
Description
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.
Overview
  • CVE ID
  • CVE-2023-3773
  • Assigner
  • redhat
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-07-25T15:47:40.391Z
  • Last Modified Date
  • 2024-05-01T20:20:49.531Z
History
Created Old Value New Value Data Type Notes
2024-06-24 20:44:30 Added to TrackCVE