CVE-2023-35001

CVSS v3.1 7.8 (High)

EPSS 0.05 % (18^th)

Affected Products 8

Advisories 83

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

Weaknesses

CWE-787: Out-of-bounds Write

CVE Status: PUBLISHED
CNA: Canonical Ltd.
Published Date: 2023-07-05 19:15:10
(14 months ago)
Updated Date: 2024-01-11 19:15:09
(8 months ago)

Affected Products

Debian

Debian Linux

Fedoraproject

Fedora

Linux

Linux Kernel

Netapp

Configuration #1

		CPE23	From	Up To
	Linux Kernel from 3.13 version and prior 4.14.322 version	cpe:2.3:o:linux:linux_kernel	>= 3.13	< 4.14.322
	Linux Kernel from 4.15 version and 4.19.291 and prior versions	cpe:2.3:o:linux:linux_kernel	>= 4.15	<= 4.19.291
	Linux Kernel from 4.20 version and prior 5.4.251 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.4.251
	Linux Kernel from 5.5 version and prior 5.10.188 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.188
	Linux Kernel from 5.11 version and prior 5.15.121 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.121
	Linux Kernel from 5.16 version and prior 6.1.39 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.39
	Linux Kernel from 6.2 version and prior 6.4.4 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.4.4

Configuration #2

		CPE23	From	Up To
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0

Configuration #3

		CPE23	From	Up To
	Fedoraproject Fedora 37	cpe:2.3:o:fedoraproject:fedora:37
	Fedoraproject Fedora 38	cpe:2.3:o:fedoraproject:fedora:38

Configuration #4

		CPE23	From	Up To
	Netapp H300s	cpe:2.3:h:netapp:h300s:-
	Netapp H410c	cpe:2.3:h:netapp:h410c:-
	Netapp H410s	cpe:2.3:h:netapp:h410s:-
	Netapp H500s	cpe:2.3:h:netapp:h500s:-
	Netapp H700s	cpe:2.3:h:netapp:h700s:-