An out-of-bounds write vulnerability... CVE-2023-3611

- AV AC AU C I A
发布: 2023-07-21
修订: 2024-08-22

An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64.

0%
当前有25条漏洞利用/PoC
当前有12条受影响产品信息