PT-2023-3516 · Linux+10 · Linux Kernel+10

Published

2023-05-10

Updated

2025-07-11

CVE-2023-3090

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG IPVLAN is enabled.

Recommendations We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.

Exploit

Fix

LPE

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

ALSA-2023:4377

ALSA-2023:4378

ALSA-2023:5244

ALT-PU-2023-2038

ALT-PU-2023-4401

ALT-PU-2023-4482

ALT-PU-2023-4638

ALT-PU-2023-4663

ALT-PU-2024-6818

AZL-27350

BDU:2023-03721

CESA-2023_5221

CESA-2023_5244

CESA-2023_5255

CVE-2023-3090

DLA-3508-1

DLA-3623-1

DSA-5448-1

DSA-5480-1

LSN-0097-1

LSN-0098-1

OESA-2023-1435

OESA-2023-1436

OESA-2023-1437

OESA-2023-1438

OESA-2023-1439

OESA-2025-1820

OPENSUSE-SU-2023_2859-1

OPENSUSE-SU-2023_2871-1

OPENSUSE-SU-2023_2892-1

OPENSUSE-SU-2023_3302-1

OPENSUSE-SU-2023_3630-1

OPENSUSE-SU-2023_3644-1

OPENSUSE-SU-2023_3647-1

OPENSUSE-SU-2023_3648-1

OPENSUSE-SU-2023_3657-1

OPENSUSE-SU-2023_3671-1

OPENSUSE-SU-2023_3676-1

RHSA-2023:4377

RHSA-2023:4378

RHSA-2023:4380

RHSA-2023:4515

RHSA-2023:4516

RHSA-2023:4801

RHSA-2023:4814

RHSA-2023:4815

RHSA-2023:4817

RHSA-2023:4828

RHSA-2023:4829

RHSA-2023:4961

RHSA-2023:4962

RHSA-2023:4967

RHSA-2023:5221

RHSA-2023:5244

RHSA-2023:5255

RHSA-2023:5548

RHSA-2023:5627

RHSA-2023_4377

RHSA-2023_4378

RHSA-2023_5244

RHSA-2023_5255

RLSA-2023:4378

RLSA-2023:5244

RXSA-2023:5244

SUSE-SU-2023:2803-1

SUSE-SU-2023:2804-1

SUSE-SU-2023:2805-1

SUSE-SU-2023:2808-1

SUSE-SU-2023:2810-1

SUSE-SU-2023:2820-1

SUSE-SU-2023:2822-1

SUSE-SU-2023:2830-1

SUSE-SU-2023:2831-1

SUSE-SU-2023:2834-1

SUSE-SU-2023:2859-1

SUSE-SU-2023:2871-1

SUSE-SU-2023:2892-1

SUSE-SU-2023:3302-1

SUSE-SU-2023:3566-1

SUSE-SU-2023:3571-1

SUSE-SU-2023:3576-1

SUSE-SU-2023:3582-1

SUSE-SU-2023:3585-1

SUSE-SU-2023:3592-1

SUSE-SU-2023:3594-1

SUSE-SU-2023:3595-1

SUSE-SU-2023:3596-1

SUSE-SU-2023:3603-1

SUSE-SU-2023:3607-1

SUSE-SU-2023:3612-1

SUSE-SU-2023:3620-1

SUSE-SU-2023:3621-1

SUSE-SU-2023:3623-1

SUSE-SU-2023:3627-1

SUSE-SU-2023:3628-1

SUSE-SU-2023:3629-1

SUSE-SU-2023:3630-1

SUSE-SU-2023:3631-1

SUSE-SU-2023:3644-1

SUSE-SU-2023:3647-1

SUSE-SU-2023:3648-1

SUSE-SU-2023:3657-1

SUSE-SU-2023:3668-1

SUSE-SU-2023:3671-1

SUSE-SU-2023:3675-1

SUSE-SU-2023:3676-1

USN-6231-1

USN-6246-1

USN-6250-1

USN-6251-1

USN-6252-1

USN-6254-1

USN-6255-1

USN-6260-1

USN-6261-1

USN-6385-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linux Kernel

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2023-3516 · Linux+10 · Linux Kernel+10

CVE-2023-3090

Weakness Enumeration

Related Identifiers

Affected Products

References · 1021