Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-31436

Good to know:

icon

Date: April 27, 2023

qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.

Language: C

Severity Score

Related Resources (12)

https://www.spinics.net/lists/stable-commits/msg294885.html
http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html
https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html
https://github.com/torvalds/linux/commit/3037933448f60f9acb705997eae62013ecb81e0d
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13
https://www.debian.org/security/2023/dsa-5402
http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html
https://nvd.nist.gov/vuln/detail/CVE-2023-31436
https://security.netapp.com/advisory/ntap-20230609-0001/
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
https://access.redhat.com/security/cve/CVE-2023-31436
https://www.mend.io/vulnerability-database/CVE-2023-31436

Severity Score

Weakness Type (CWE)

Out-of-bounds Write

CWE-787

Top Fix

icon

Upgrade Version

Upgrade to version v4.14.314,v4.19.282,v5.10.179,v5.15.109,v5.4.242,v6.1.26,v6.2.13

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE

Do you need more information?

Contact Us