An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-05-05T15:57:20.355Z

Reserved: 2023-06-16T00:00:00.000Z

Link: CVE-2023-35788

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-06-16T21:15:09.340

Modified: 2025-05-05T16:15:41.317

Link: CVE-2023-35788

cve-icon Redhat

Severity : Important

Publid Date: 2023-05-29T00:00:00Z

Links: CVE-2023-35788 - Bugzilla

cve-icon OpenCVE Enrichment

No data.