Vulnerabilities > CVE-2023-23455 - Type Confusion vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
linux
debian
CWE-843
NVD
Published: 2023-01-12
Updated: 2023-05-03

Summary

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

Vulnerable Configurations

Part Description Count
OS
Linux
4111
OS
Debian
1

Common Weakness Enumeration (CWE)

References