Back to bug 2225097
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Alex | 2023-07-24 10:20:39 UTC | CC | dfreiber, jburrell, rogbas, vkumar | |
| Alex | 2023-07-24 10:24:22 UTC | Depends On | 2225102, 2225103 | |
| Rohit Keshri | 2023-07-25 15:23:15 UTC | Alias | TRIAGE-CVE-2023-3776 | CVE-2023-3776 |
| Summary | TRIAGE-CVE-2023-3776 kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function | CVE-2023-3776 CVE-2023-3776 kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function | ||
| Rohit Keshri | 2023-07-25 15:26:41 UTC | Summary | CVE-2023-3776 CVE-2023-3776 kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function | CVE-2023-3776 kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function |
| Fixed In Version | Kernel 6.5-rc2 | |||
| Rohit Keshri | 2023-07-25 15:41:05 UTC | CC | jpoimboe, kpatch-maint, rhandlin | |
| Rohit Keshri | 2023-07-25 15:54:28 UTC | Depends On | 2225659, 2225658, 2225654, 2225642, 2225664, 2225657, 2225644, 2225651, 2225638, 2225649, 2225661, 2225636, 2225637, 2225655, 2225645, 2225656, 2225646, 2225640, 2225648, 2225660, 2225643, 2225641, 2225663, 2225650, 2225662, 2225665, 2225652, 2225647, 2225639, 2225653 | |
| Rohit Keshri | 2023-07-25 16:18:55 UTC | Doc Text | A use-after-free vulnerability was found in fw_set_parms in net/sched/cls_fw.c in network scheduler sub-component in the Linux Kernel. This flaw can be exploited to a local privilege escalation problem by a local attacker, leading to a misleading reference, due to a missing sanity check while cleanup at the time of failure. | |
| Joe Lawrence | 2023-07-25 17:01:54 UTC | CC | rkeshri | |
| Flags | needinfo?(rkeshri) | |||
| Paige Jung | 2023-07-25 19:05:48 UTC | Doc Text | A use-after-free vulnerability was found in fw_set_parms in net/sched/cls_fw.c in network scheduler sub-component in the Linux Kernel. This flaw can be exploited to a local privilege escalation problem by a local attacker, leading to a misleading reference, due to a missing sanity check while cleanup at the time of failure. | A use-after-free vulnerability was found in fw_set_parms in net/sched/cls_fw.c in network scheduler sub-component in the Linux Kernel. This issue occurs due to a missing sanity check during cleanup at the time of failure, leading to a misleading reference. This may allow a local attacker to gain local privilege escalation. |
| Rohit Keshri | 2023-07-26 04:26:11 UTC | Depends On | 2226640 | |
| Rohit Keshri | 2023-07-26 04:27:23 UTC | Flags | needinfo?(rkeshri) |
Back to bug 2225097