CVE-2023-35001Out-of-bounds Write in Kernel

CWE-787Out-of-bounds WriteCWE-125Out-of-bounds Read38 documents9 sources
Severity
7.8HIGHNVD
OSV7.1OSV5.7OSV5.5OSV5.3OSV4.7
EPSS
0.2%
top 56.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Linux KernelDebian LinuxDebian Linux+2 more
Timeline
PublishedJul 5
Latest updateApr 15

Description

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

NVDlinux/linux_kernel3.134.14.322+6
Debianlinux/linux_kernel< 5.10.179-2+3
Ubuntulinux/linux_kernel< 5.4.0-155.172+6
CVEListV5linux/linux_kernelv3.13-rc1
debiandebian/linux< linux 6.1.38-1 (bookworm)

Also affects: Debian Linux 11.0, Fedora 37, 38

Patches

Patch: lists.debian.orgPatch: lore.kernel.orgPatch: lists.debian.org

🔴Vulnerability Details

15
OSV
linux vulnerabilities2023-10-30
OSV
Kernel Live Patch Security Notice2023-09-05
OSV
linux-oem-6.1 vulnerabilities2023-08-11
OSV
linux-iot vulnerabilities2023-07-28
OSV
linux-aws-5.19, linux-gcp-5.19, linux-hwe-5.19 vulnerabilities2023-07-27

📋Vendor Advisories

21
CISA ICS
ABB M2M Gateway2025-04-15
CISA ICS
Siemens SCALANCE W7002025-02-13
CISA ICS
Siemens SCALANCE XCM-/XRM-3002024-02-15
Palo Alto
PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS2024-02-14
CISA ICS
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.12023-12-14

💬Community

1
Bugzilla
CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()2023-07-06