Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-2860
HistoryJun 29, 2023 - 12:00 a.m.

CVE-2023-2860

2023-06-2900:00:00
ubuntu.com
ubuntu.com
20
cve-2023-2860
seg6 attributes processing
improper data validation
allocated buffer

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

15.9%

An out-of-bounds read vulnerability was found in the SR-IPv6 implementation
in the Linux kernel. The flaw exists within the processing of seg6
attributes. The issue results from the improper validation of user-supplied
data, which can result in a read past the end of an allocated buffer. This
flaw allows a privileged local user to disclose sensitive information on
affected installations of the Linux kernel.

Bugs

Rows per page:
1-10 of 711

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

0

Percentile

15.9%