CVE 2023-2860
An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This flaw allows a privileged local user to disclose sensitive information on affected installations of the Linux kernel.
Related bugs and status
CVE-2023-2860 (Candidate) is related to these bugs:
Bug #2026457: jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Invalid | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow boot-testing | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow kernel-signoff | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow new-review | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow prepare-package-generate | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow prepare-package-lrg | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow prepare-package-lrm | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow prepare-package-lrs | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow promote-signing-to-proposed | Medium | Invalid | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow sru-review | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | linux-oem-5.17 (Ubuntu Jammy) | Medium | Fix Released | ||
2026457 | jammy/linux-oem-5.17: 5.17.0-1035.36 -proposed tracker | canonical-signing-jobs task00 | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.