PT-2023-6050 · Linux+9 · Linux Kernel+9
Lucas Leong
+1
·
Published
2023-06-29
·
Updated
2024-12-19
·
CVE-2023-39194
CVSS v2.0
4.6
Medium
| Vector | AV:L/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Linux Kernel (affected versions not specified)
Description
A flaw was found in the XFRM subsystem in the Linux kernel, specifically within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP NET ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linux Kernel
Linuxmint
Red Hat
Rocky Linux
Suse
Ubuntu