Back to bug 2218944
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2023-06-30 16:47:57 UTC | CC | security-response-team | |
| Guilherme de Almeida Suckevicz | 2023-06-30 16:49:37 UTC | Blocks | 2218946 | |
| Guilherme de Almeida Suckevicz | 2023-06-30 17:00:45 UTC | Depends On | 2218949, 2218950 | |
| Guilherme de Almeida Suckevicz | 2023-07-03 12:38:07 UTC | CC | sdubroca | |
| Red Hat Bugzilla | 2023-07-03 12:38:07 UTC | CC | security-response-team | |
| Mauro Matteo Cascella | 2023-07-04 16:15:05 UTC | Blocks | 2219629 | |
| Mauro Matteo Cascella | 2023-07-04 16:17:57 UTC | Blocks | 2218946 | |
| Mauro Matteo Cascella | 2023-07-04 16:27:06 UTC | Summary | EMBARGOED TRIAGE kernel: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr | EMBARGOED TRIAGE kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr |
| Red Hat Bugzilla | 2023-07-07 08:35:33 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody | ||
| Mauro Matteo Cascella | 2023-07-19 14:16:40 UTC | Summary | EMBARGOED TRIAGE kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr | EMBARGOED CVE-2023-3773 kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr |
| Alias | CVE-2023-3773 | |||
| Mauro Matteo Cascella | 2023-07-19 14:29:34 UTC | Depends On | 2224006, 2224005 | |
| Mauro Matteo Cascella | 2023-07-19 15:25:28 UTC | Doc Text | A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). A malicious user with CAP_NET_ADMIN privileges could use this flaw to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace. | |
| Paige Jung | 2023-07-19 16:01:15 UTC | Doc Text | A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). A malicious user with CAP_NET_ADMIN privileges could use this flaw to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace. | A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace. |
| Mauro Matteo Cascella | 2023-07-25 15:24:47 UTC | Group | qe_staff, security | |
| CC | kernel-mgr, tglozar | |||
| Summary | EMBARGOED CVE-2023-3773 kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr | CVE-2023-3773 kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr | ||
| Mauro Matteo Cascella | 2023-07-25 15:25:51 UTC | Depends On | 2225630 | |
| Kazu Yoshida | 2023-08-10 00:26:41 UTC | CC | kyoshida |
Back to bug 2218944