Security Advisory

CVE-2023-35788

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-16 00:00:00
Last updated 2025-05-05 15:57:20
Assigner mitre
State PUBLISHED

Description

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.