vulnerability
Amazon Linux AMI 2: CVE-2023-35788: Security patch for kernel, kernel-livepatch-5.10.177-158.645, kernel-livepatch-5.10.178-162.673, kernel-livepatch-5.10.179-166.674, kernel-livepatch-5.10.179-168.710, kernel-livepatch-5.10.179-171.711 (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Jun 16, 2023 | Jun 30, 2023 | Jan 28, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Jun 16, 2023
Added
Jun 30, 2023
Modified
Jan 28, 2025
Description
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.
Solution(s)
amazon-linux-ami-2-upgrade-bpftoolamazon-linux-ami-2-upgrade-bpftool-debuginfoamazon-linux-ami-2-upgrade-kernelamazon-linux-ami-2-upgrade-kernel-debuginfoamazon-linux-ami-2-upgrade-kernel-debuginfo-common-aarch64amazon-linux-ami-2-upgrade-kernel-debuginfo-common-x86_64amazon-linux-ami-2-upgrade-kernel-develamazon-linux-ami-2-upgrade-kernel-headersamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-177-158-645amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-177-158-645-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-178-162-673amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-178-162-673-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-166-674amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-166-674-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-168-710amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-168-710-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-171-711amazon-linux-ami-2-upgrade-kernel-livepatch-5-10-179-171-711-debuginfoamazon-linux-ami-2-upgrade-kernel-livepatch-5-10-184-174-730amazon-linux-ami-2-upgrade-kernel-livepatch-5-15-117-72-142amazon-linux-ami-2-upgrade-kernel-toolsamazon-linux-ami-2-upgrade-kernel-tools-debuginfoamazon-linux-ami-2-upgrade-kernel-tools-develamazon-linux-ami-2-upgrade-perfamazon-linux-ami-2-upgrade-perf-debuginfoamazon-linux-ami-2-upgrade-python-perfamazon-linux-ami-2-upgrade-python-perf-debuginfo
References
- AMAZON-AL2/ALASKERNEL-5.10-2023-034
- AMAZON-AL2/ALASKERNEL-5.15-2023-021
- AMAZON-AL2/ALASKERNEL-5.4-2023-047
- AMAZON-AL2/ALASLIVEPATCH-2023-137
- AMAZON-AL2/ALASLIVEPATCH-2023-138
- AMAZON-AL2/ALASLIVEPATCH-2023-139
- AMAZON-AL2/ALASLIVEPATCH-2023-140
- AMAZON-AL2/ALASLIVEPATCH-2023-141
- CVE-2023-35788
- https://attackerkb.com/topics/CVE-2023-35788
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.