Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2023-23455 - log back

CVE-2023-23455 created at 01 Mar 2023 21:32:09

Severity

+

Unknown

Remote

+

Unknown

Type

+	Insufficient validation

Description

+	the return code of of tcf_classify is insufficiently validated before interpreting part of the result as a pointer in the network schedulers code

References

+	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b
+	https://kernel.dance/#CVE-2023-23455
+	https://www.openwall.com/lists/oss-security/2023/01/10/1
+	https://www.openwall.com/lists/oss-security/2023/01/10/4

Notes