Lucene search
Gwangun Jung at THEORIZDI-24-593HistoryJun 10, 2024 - 12:00 a.m.
Linux Kernel Net Scheduler Out-Of-Bounds Access Local Privilege Escalation Vulnerability
2024-06-1000:00:00
Gwangun Jung at THEORI
www.zerodayinitiative.com
linux
kernel
net scheduler
out-of-bounds access
local privilege escalation
vulnerability
mtu value
qfq scheduler
memory access
arbitrary code
This vulnerability allows local attackers to escalate privileges on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the MTU value provided to the QFQ Scheduler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.
Related
redhatcve
redhatcve
CVE-2023-31436
2023-05-02 18:22:34
CVE-2023-39190
2023-10-09 09:51:13
nessus
nessus
SUSE SLES15 Security Update : kernel (Live Patch 35 for SLE 15 SP2) (SUSE-SU-2023:2700-1)
2023-06-29 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 11 for SLE 15 SP4) (SUSE-SU-2023:2734-1)
2023-06-30 00:00:00
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-179)
2023-05-24 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-31436 affecting package kernel for versions less than 5.15.111.1-1
2023-05-25 09:38:10
CVE-2023-31436 affecting package hyperv-daemons 5.10.177.1-1
2023-05-25 17:55:45
cve
cve
debiancve
debiancve
CVE-2023-31436
2023-04-28 02:15:09
ubuntucve
ubuntucve
nvd
nvd
prion
prion
Design/Logic Flaw
2023-04-28 02:15:00
Design/Logic Flaw
2023-07-28 14:15:00
Open redirect
2023-05-01 13:15:00
cvelist
cvelist
CVE-2023-31436
2023-04-28 00:00:00
amazon
amazon
Medium: kernel
2023-05-11 17:49:00
Medium: kernel
2023-05-11 18:00:00
openvas
openvas
Debian: Security Advisory (DSA-5402-1)
2023-05-15 00:00:00
Debian: Security Advisory (DLA-3446-1)
2023-06-07 00:00:00
Ubuntu: Security Advisory (USN-6130-1)
2023-06-02 00:00:00
debian
debian
[SECURITY] [DSA 5402-1] linux security update
2023-05-13 11:20:28
[SECURITY] [DLA 3446-1] linux-5.10 security update
2023-06-05 18:45:37
osv
osv
linux - security update
2023-05-13 00:00:00
linux-5.10 - security update
2023-06-05 00:00:00
redhat
redhat
(RHSA-2024:1377) Important: kpatch-patch security update
2024-03-19 14:30:59
(RHSA-2024:1323) Important: kpatch-patch security update
2024-03-13 22:30:50
(RHSA-2024:1831) Important: kernel security update
2024-04-16 00:09:13
oraclelinux
oraclelinux
kernel security update
2024-04-22 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-06-01 00:00:00
Linux kernel vulnerabilities
2023-06-08 00:00:00
Linux kernel vulnerabilities
2023-06-01 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2023-05-19 10:23:17
Updated kernel packages fix security vulnerabilities
2023-05-16 22:17:40
centos
centos
bpftool, kernel, perf, python security update
2024-01-12 19:36:38
virtuozzo
virtuozzo
cloudlinux
cloudlinux
kernel: Fix of 10 CVEs
2023-11-21 18:37:30
kernel: Fix of 10 CVEs
2023-11-21 18:24:34
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0585
2023-05-24 00:00:00
