Back to bug 2218672
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2023-06-29 19:34:42 UTC | Depends On | 2218673 | |
| Guilherme de Almeida Suckevicz | 2023-06-29 19:34:48 UTC | Blocks | 2218674 | |
| Guilherme de Almeida Suckevicz | 2023-06-29 19:36:16 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Summary | TRIAGE-CVE-2023-3090 kernel: heap-based buffer overflow in the ipvlan network driver | TRIAGE-CVE-2023-3090 kernel: out-of-bounds write in the ipvlan network driver due to missing initialization | ||
| Guilherme de Almeida Suckevicz | 2023-06-29 19:40:07 UTC | Depends On | 2218676, 2218677 | |
| Mauro Matteo Cascella | 2023-07-04 18:00:04 UTC | Alias | TRIAGE-CVE-2023-3090 | CVE-2023-3090 |
| Priority | medium | high | ||
| Severity | medium | high | ||
| Fixed In Version | kernel 6.4-rc2 | |||
| Summary | TRIAGE-CVE-2023-3090 kernel: out-of-bounds write in the ipvlan network driver due to missing initialization | CVE-2023-3090 TRIAGE-CVE-2023-3090 kernel: out-of-bounds write in the ipvlan network driver due to missing initialization | ||
| Mauro Matteo Cascella | 2023-07-04 18:04:48 UTC | CC | jpoimboe, kpatch-maint, rhandlin | |
| Mauro Matteo Cascella | 2023-07-04 18:08:09 UTC | Summary | CVE-2023-3090 TRIAGE-CVE-2023-3090 kernel: out-of-bounds write in the ipvlan network driver due to missing initialization | CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb |
| Mauro Matteo Cascella | 2023-07-04 18:13:39 UTC | Depends On | 2219659, 2219656, 2219658, 2219660, 2219657, 2219662, 2219661 | |
| Mauro Matteo Cascella | 2023-07-04 18:16:44 UTC | Depends On | 2219666, 2219665, 2219669, 2219671, 2219667, 2219670, 2219664, 2219668 | |
| Mauro Matteo Cascella | 2023-07-04 18:19:08 UTC | Depends On | 2219678, 2219676, 2219673, 2219679, 2219675, 2219674, 2219677 | |
| Mauro Matteo Cascella | 2023-07-04 19:09:21 UTC | Doc Text | A flaw was found in the IPVLAN network driver in the Linux kernel. The bug is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. A local user could exploit this flaw to cause a denial of service or potentially achieve local privilege escalation. | |
| Paige Jung | 2023-07-04 21:06:34 UTC | Doc Text | A flaw was found in the IPVLAN network driver in the Linux kernel. The bug is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. A local user could exploit this flaw to cause a denial of service or potentially achieve local privilege escalation. | A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. |
| Red Hat Bugzilla | 2023-07-07 08:32:03 UTC | Assignee | security-response-team | nobody |
| errata-xmlrpc | 2023-08-01 08:59:28 UTC | Link ID | Red Hat Product Errata RHSA-2023:4378 | |
| errata-xmlrpc | 2023-08-01 09:12:43 UTC | Link ID | Red Hat Product Errata RHSA-2023:4380 | |
| errata-xmlrpc | 2023-08-01 09:17:34 UTC | Link ID | Red Hat Product Errata RHSA-2023:4377 | |
| errata-xmlrpc | 2023-08-08 07:22:25 UTC | Link ID | Red Hat Product Errata RHSA-2023:4516 | |
| errata-xmlrpc | 2023-08-08 07:22:33 UTC | Link ID | Red Hat Product Errata RHSA-2023:4515 |
Back to bug 2218672