CVE-2023-3773
CVSS v3.1
4.4 (Medium)
EPSS
0.05 % (18th)
Affected Products
4
Advisories
11
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.
Weaknesses
- CWE-125
- Out-of-bounds Read
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2023-07-25 16:15:11
(13 months ago) - Updated Date
-
2023-11-07 14:15:22
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Configuration #4
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...