CVE-2023-35788

Name: CVE-2023-35788
Creator: NVD / NIST
Published: 2023-06-16T21:15:09.34+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.8/10EPSS 0.53%

Last modified Jun 17, 2026

CVE-2023-35788 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. EPSS estimates a 0.53% chance of exploitation in the next 30 days.

Description

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation.

Metrics

CVSS 3.1

7.8/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability

0.53%

40.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions
Linux	Linux Kernel	>= 4.19, < 4.19.285
Linux	Linux Kernel	>= 4.20, < 5.4.246
Linux	Linux Kernel	>= 5.5, < 5.10.183
Linux	Linux Kernel	>= 5.11, < 5.15.116
Linux	Linux Kernel	>= 5.16, < 6.1.33
Linux	Linux Kernel	>= 6.2, < 6.3.7
Debian	Debian Linux	12.0
Netapp	H300s Firmware	All versions
Netapp	H500s Firmware	All versions
Netapp	H700s Firmware	All versions
Netapp	H410s Firmware	All versions
Netapp	H410c Firmware	All versions
Canonical	Ubuntu Linux	14.04
Canonical	Ubuntu Linux	16.04
Canonical	Ubuntu Linux	18.04
Canonical	Ubuntu Linux	20.04
Canonical	Ubuntu Linux	22.04
Debian	Debian Linux	10.0
Debian	Debian Linux	11.0

References

http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.htmlThird Party Advisory, VDB Entry
http://www.openwall.com/lists/oss-security/2023/06/17/1Exploit, Mailing List
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7Mailing List, Patch
https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825cPatch
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlMailing List, Third Party Advisory
https://security.netapp.com/advisory/ntap-20230714-0002/Third Party Advisory
https://www.debian.org/security/2023/dsa-5448Third Party Advisory
https://www.debian.org/security/2023/dsa-5480Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/06/07/1Exploit, Mailing List
http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.htmlThird Party Advisory, VDB Entry
http://www.openwall.com/lists/oss-security/2023/06/17/1Exploit, Mailing List
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.7Mailing List, Patch
https://git.kernel.org/linus/4d56304e5827c8cc8cc18c75343d283af7c4825cPatch
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing List, Third Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlMailing List, Third Party Advisory
https://security.netapp.com/advisory/ntap-20230714-0002/Third Party Advisory
https://www.debian.org/security/2023/dsa-5448Third Party Advisory
https://www.debian.org/security/2023/dsa-5480Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/06/07/1Exploit, Mailing List

Timeline

Published: Jun 16, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-35788?

How severe is CVE-2023-35788?

CVE-2023-35788 has a CVSS score of 7.8/10 (HIGH severity). The EPSS model estimates a 0.53% probability of exploitation in the next 30 days.

How do I fix CVE-2023-35788?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-35788?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST