CVE-2023-3773 — Out-of-bounds Read in Linux
Severity
NVD: 7.8 HIGH
Other scores: NVD 4.4 | CNA 5.5 | OSV 4.7 | OSV 4.6 | OSV 4.4
EPSS
0.0%
top 95.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Jul 25
Latest update: Dec 24
Description
A flaw was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4-byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.8 | Impact: 3.6
Affected Packages (5 packages)
CVEList V5: linux/linux 13b00b135665c92065a27c0c39dd97e0f380bd4f — 8ad9bc25cbdcec72e7ca43dd8281decb69ea9a70 (+15)
Also affects: Debian Linux 10.0, 12.0, Enterprise Linux 8.0, 9.0
Vulnerability Details
GHSA (29): GHSA-8vph-jw2x-79f2: In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check. The vdpa_nl (2025-12-24)
OSV: CVE-2023-54031: In the Linux kernel, the following vulnerability has been resolved: vdpa: Add queue index attr to vdpa_nl_policy for nlattr length check. The vdpa_nl_p (2025-12-24)
OSV: CVE-2023-53652: In the Linux kernel, the following vulnerability has been resolved: vdpa: Add features attr to vdpa_nl_policy for nlattr length check. The vdpa_nl_poli (2025-10-07)