Back to bug 2225511
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Alex | 2023-07-25 12:37:47 UTC | CC | security-response-team | |
| Alex | 2023-07-25 12:38:40 UTC | Depends On | 2225512, 2225513 | |
| Rohit Keshri | 2023-08-03 06:02:50 UTC | Summary | EMBARGOED TRIAGE Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route | EMBARGOED CVE-2023-4128 TRIAGE Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route |
| Alias | CVE-2023-4128 | |||
| Rohit Keshri | 2023-08-03 06:06:09 UTC | Summary | EMBARGOED CVE-2023-4128 TRIAGE Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route | EMBARGOED CVE-2023-4128 Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route |
| Rohit Keshri | 2023-08-03 06:38:04 UTC | Depends On | 2228705, 2228718, 2228711, 2228709, 2228710, 2228717, 2228703, 2228704, 2228700, 2228719, 2228712, 2228716, 2228715, 2228702, 2228701, 2228714, 2228713, 2228720, 2228708, 2228706 | |
| Rohit Keshri | 2023-08-03 06:45:44 UTC | Depends On | 2228728, 2228729, 2228726, 2228724, 2228723, 2228727, 2228722, 2228732, 2228731, 2228725, 2228730 | |
| Mauro Matteo Cascella | 2023-08-03 17:22:12 UTC | CC | dcaratti, mcascell | |
| Rohit Keshri | 2023-08-10 08:54:59 UTC | Doc Text | A use after free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32 and cls_route) in the Linux Kernel. A local attacker may exploit this flaw as a local privilege escalation, due to an incorrect handling of the existing filter leading to a kernel information leak problem. | |
| Rohit Keshri | 2023-08-10 08:57:23 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2023-4128 Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route | CVE-2023-4128 Kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route | ||
| CC | kernel-mgr, kpatch-maint-bot | |||
| Rohit Keshri | 2023-08-10 08:58:06 UTC | Depends On | 2230905 | |
| Mauro Matteo Cascella | 2023-08-10 09:00:11 UTC | Comment | 0 | updated |
| Rohit Keshri | 2023-08-10 11:56:03 UTC | Fixed In Version | Kernel 6.5-rc5 | |
| RaTasha Tillery-Smith | 2023-08-10 16:22:29 UTC | Doc Text | A use after free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32 and cls_route) in the Linux Kernel. A local attacker may exploit this flaw as a local privilege escalation, due to an incorrect handling of the existing filter leading to a kernel information leak problem. | A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. |
Back to bug 2225511