Updated: 2023-07-22
CWE: CWE-787 Out-of-bounds Write
Description:
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We recommend upgrading past commit 3e337087c3b5805fe0b8a46ba622a962880b5d64.
CVSS3: 7.8
| OS | Vendor version | Errata |
|---|---|---|
| Oracle Linux 8 | 4.18.0-513.5.1.el8_9 | ELSA-2023-7077 |
| Oracle Linux 7 | 3.10.0-1160.105.1.0.1.el7 | ELSA-2023-7423 |
| Debian 12 | 6.1.52-1 | DSA-5492-1 |
| RHEL 7 | 3.10.0-1160.105.1.el7 | RHSA-2023:7423 |
| Ubuntu 16.04 ESM | 4.4.0-244.278 | USN-6309-1 |
| Ubuntu 16.04 HWE ESM | 4.15.0-216.227~16.04.1 | USN-6342-1 |
| Ubuntu 16.04 AWS ESM | 4.4.0-1160.175 | USN-6309-1 |
| Ubuntu 16.04 GCP ESM | 4.15.0-1154.171~16.04.1 | USN-6342-1 |
| Ubuntu 16.04 AWS HWE ESM | 4.15.0-1160.173~16.04.1 | USN-6342-1 |
| Ubuntu 16.04 Azure ESM | 4.15.0-1169.184~16.04.1 | USN-6342-2 |
| Ubuntu 14.04 HWE ESM | 4.4.0-244.278~14.04.1 | USN-6309-1 |
| Ubuntu 20.04 HWE AWS | 5.15.0-1043.48~20.04.1 | USN-6315-1 |
| Ubuntu 20.04 HWE Azure | 5.15.0-1045.52~20.04.1 | USN-6332-1 |
| Ubuntu 22.04 | 5.15.0-82.91 | USN-6315-1 |
| Ubuntu 22.04 AWS | 5.15.0-1043.48 | USN-6315-1 |
| Ubuntu 22.04 Azure | 5.15.0-1045.52 | USN-6332-1 |
| Debian 11 cloud | 5.10.191-1 | DSA-5480-1 |
| Debian 11 | 5.10.191-1 | DSA-5480-1 |
| AlmaLinux 8 | 4.18.0-513.5.1.el8_9 | ALSA-2023:7077 |
| Amazon Linux 2 | 4.14.320-243.544.amzn2 | ALAS-2023-2179 |
| Ubuntu 20.04 AWS | 5.4.0-1108.116 | USN-6317-1 |
| RHEL 8 | 4.18.0-513.5.1.el8_9 | RHSA-2023:7077 |
| Rocky Linux 8 | 4.18.0-513.5.1.el8_9 | RLSA-2023:7077 |
| Ubuntu 20.04 Azure | 5.4.0-1114.120 | USN-6331-1 |
| Ubuntu 20.04 GCP | 5.4.0-1111.120 | USN-6317-1 |
| Amazon Linux 1 | 4.14.320-169.544.amzn1 | ALAS-2023-1792 |
| Ubuntu 20.04 | 5.4.0-159.176 | USN-6317-1 |
| Amazon Linux 2 5.10 | 5.10.186-179.751.amzn2 | ALASKERNEL-5.10-2023-038 |
| Amazon Linux 2 5.4 | 5.4.250-166.369.amzn2 | ALASKERNEL-5.4-2023-050 |
| Oracle Linux 6 UEK 4 | 4.1.12-124.79.2.el6uek | ELSA-2023-12842 |
| Oracle Linux 7 UEK 4 | 4.1.12-124.79.2.el7uek | ELSA-2023-12842 |
| OS | Original kernel version | State |
|---|---|---|
| Oracle Linux 8 |
4.18.0-477.27.1.el8_8
show all
hide all
4.18.0-80.1.2.el8_0
4.18.0-80.11.1.el8_0
4.18.0-80.11.2.el8_0
4.18.0-147.0.2.el8_1
4.18.0-147.0.3.el8_1
4.18.0-147.3.1.el8_1
4.18.0-147.5.1.el8_1
4.18.0-147.8.1.el8_1
4.18.0-147.el8
4.18.0-193.1.2.el8_2
4.18.0-193.13.2.el8_2
4.18.0-193.14.3.el8_2
4.18.0-193.19.1.el8_2
4.18.0-193.28.1.el8_2
4.18.0-193.6.3.el8_2
4.18.0-193.el8
4.18.0-240.1.1.el8_3
4.18.0-240.10.1.el8_3
4.18.0-240.15.1.el8_3
4.18.0-240.22.1.el8_3
4.18.0-240.8.1.el8_3
4.18.0-240.el8
4.18.0-305.10.2.el8_4
4.18.0-305.12.1.el8_4
4.18.0-305.17.1.el8_4
4.18.0-305.19.1.el8_4
4.18.0-305.25.1.el8_4
4.18.0-305.3.1.el8_4
4.18.0-305.7.1.el8_4
4.18.0-305.el8
4.18.0-348.12.2.el8_5
4.18.0-348.2.1.el8_5
4.18.0-348.20.1.el8_5
4.18.0-348.23.1.el8_5
4.18.0-348.7.1.el8_5
4.18.0-348.el8
4.18.0-372.13.1.0.1.el8_6
4.18.0-372.16.1.0.1.el8_6
4.18.0-372.19.1.0.1.el8_6
4.18.0-372.26.1.0.1.el8_6
4.18.0-372.32.1.0.1.el8_6
4.18.0-372.9.1.el8
4.18.0-425.10.1.el8_7
4.18.0-425.13.1.el8_7
4.18.0-425.19.2.el8_7
4.18.0-425.3.1.el8
4.18.0-477.10.1.el8_8
4.18.0-477.13.1.el8_8
4.18.0-477.15.1.el8_8
4.18.0-477.21.1.el8_8
4.18.0-477.27.0.1.el8_8
4.18.0-80.4.2.el8_0
4.18.0-80.7.1.el8_0
4.18.0-80.7.2.el8_0
4.18.0-80.el8
|
In Rollout |
| Oracle Linux 7 | |
Planned |
| Debian 12 | |
Planned |
| RHEL 7 | |
In Progress |
| Ubuntu 16.04 ESM | |
Will Not Fix |
| Ubuntu 16.04 HWE ESM | |
Planned |
| Ubuntu 16.04 AWS ESM | |
Will Not Fix |
| Ubuntu 16.04 GCP ESM | |
Planned |
| Ubuntu 16.04 AWS HWE ESM | |
Planned |
| Ubuntu 16.04 Azure ESM | |
Planned |
| Ubuntu 14.04 HWE ESM | |
Will Not Fix |
| Ubuntu 20.04 HWE AWS | |
Planned |
| Ubuntu 20.04 HWE Azure | |
Planned |
| Ubuntu 22.04 | |
Planned |
| Ubuntu 22.04 AWS | |
Planned |
| Ubuntu 22.04 Azure | |
Planned |
| Debian 11 cloud | |
In Progress |
| Debian 11 | |
In Progress |
| AlmaLinux 8 | |
Planned |
| Amazon Linux 2 |
4.14.121-109.96.amzn2
show all
hide all
4.14.106-97.85.amzn2
4.14.104-95.84.amzn2
4.14.114-103.97.amzn2
4.14.101-91.76.amzn2
4.14.133-113.105.amzn2
4.14.146-119.123.amzn2
4.14.114-105.126.amzn2
4.14.123-111.109.amzn2
4.14.133-113.112.amzn2
4.14.152-127.182.amzn2
4.14.67-71.56.amzn2
4.14.42-61.37.amzn2
4.14.33-59.34.amzn2
4.14.77-80.57.amzn2
4.14.62-70.117.amzn2
4.14.88-88.76.amzn2
4.14.88-88.73.amzn2
4.14.72-73.55.amzn2
4.14.94-89.73.amzn2
4.14.51-66.38.amzn2
4.14.154-128.181.amzn2
4.14.128-112.105.amzn2
4.14.26-54.32.amzn2
4.14.70-72.55.amzn2
4.14.97-90.72.amzn2
4.14.165-131.185.amzn2
4.14.143-118.123.amzn2
4.14.146-120.181.amzn2
4.14.152-124.171.amzn2
4.14.109-99.92.amzn2
4.14.171-136.231.amzn2
4.14.158-129.185.amzn2
4.14.165-133.209.amzn2
4.14.173-137.228.amzn2
4.14.177-139.254.amzn2
4.14.173-137.229.amzn2
4.14.177-139.253.amzn2
4.14.181-140.257.amzn2
4.14.186-146.268.amzn2
4.14.181-142.260.amzn2
4.14.192-147.314.amzn2
4.14.193-149.317.amzn2
4.14.198-152.320.amzn2
4.14.200-155.322.amzn2
4.14.203-156.332.amzn2
4.14.209-160.335.amzn2
4.14.214-160.339.amzn2
4.14.209-160.339.amzn2
4.14.219-161.340.amzn2
4.14.225-168.357.amzn2
4.14.231-173.360.amzn2
4.14.219-164.354.amzn2
4.14.225-169.362.amzn2
4.14.232-176.381.amzn2
4.14.232-177.418.amzn2
4.14.238-182.421.amzn2
4.14.238-182.422.amzn2
4.14.231-173.361.amzn2
4.14.241-184.433.amzn2
4.14.243-185.433.amzn2
4.14.246-187.474.amzn2
4.14.248-189.473.amzn2
4.14.252-195.481.amzn2
4.14.252-195.483.amzn2
4.14.256-197.484.amzn2
4.14.262-200.489.amzn2
4.14.268-205.500.amzn2
4.14.273-207.502.amzn2
4.14.275-207.503.amzn2
4.14.276-211.499.amzn2
4.14.281-212.502.amzn2
4.14.285-215.501.amzn2
4.14.287-215.504.amzn2
4.14.290-217.505.amzn2
4.14.291-218.527.amzn2
4.14.294-220.533.amzn2
4.14.296-222.539.amzn2
4.14.299-223.520.amzn2
4.14.301-224.520.amzn2
4.14.304-226.531.amzn2
4.14.301-225.528.amzn2
4.14.309-231.529.amzn2
4.14.305-227.531.amzn2
4.14.313-235.533.amzn2
4.14.314-237.533.amzn2
4.14.314-238.539.amzn2
4.14.318-240.529.amzn2
4.14.318-241.531.amzn2
4.14.320-242.534.amzn2
4.14.311-233.529.amzn2
|
Released |
| Ubuntu 20.04 AWS |
5.4.0-1063.66
show all
hide all
5.4.0-1064.67
5.4.0-1081.88
5.4.0-1083.90
5.4.0-1084.91
5.4.0-1085.92
5.4.0-1086.93
5.4.0-1088.96
5.4.0-1089.97
5.4.0-1106.114
5.4.0-1107.115
5.4.0-1011.11
5.4.0-1015.15
5.4.0-1016.16
5.4.0-1017.17
5.4.0-1018.18
5.4.0-1019.19
5.4.0-1020.20
5.4.0-1021.21
5.4.0-1022.22
5.4.0-1023.23
5.4.0-1024.24
5.4.0-1025.25
5.4.0-1026.26
5.4.0-1028.29
5.4.0-1029.30
5.4.0-1030.31
5.4.0-1031.32
5.4.0-1032.33
5.4.0-1033.34
5.4.0-1034.35
5.4.0-1035.37
5.4.0-1036.38
5.4.0-1037.39
5.4.0-1038.40
5.4.0-1039.41
5.4.0-1041.43
5.4.0-1043.45
5.4.0-1045.47
5.4.0-1047.49
5.4.0-1048.50
5.4.0-1049.51
5.4.0-1051.53
5.4.0-1054.57
5.4.0-1055.58
5.4.0-1056.59
5.4.0-1057.60
5.4.0-1058.61
5.4.0-1059.62
5.4.0-1060.63
5.4.0-1061.64
5.4.0-1065.68
5.4.0-1066.69
5.4.0-1068.72
5.4.0-1069.73
5.4.0-1071.76
5.4.0-1072.77
5.4.0-1073.78
5.4.0-1074.79
5.4.0-1075.80
5.4.0-1078.84
5.4.0-1080.87
5.4.0-1092.100
5.4.0-1093.101
5.4.0-1094.102
5.4.0-1100.108
5.4.0-1101.109
5.4.0-1102.110
5.4.0-1096.104
5.4.0-1097.105
5.4.0-1099.107
5.4.0-1103.111
5.4.0-1104.112
5.4.0-1105.113
|
Released |
| RHEL 8 |
4.18.0-147.0.2.el8_1
show all
hide all
4.18.0-147.0.3.el8_1
4.18.0-147.3.1.el8_1
4.18.0-147.5.1.el8_1
4.18.0-147.8.1.el8_1
4.18.0-147.el8
4.18.0-193.1.2.el8_2
4.18.0-193.13.2.el8_2
4.18.0-193.14.3.el8_2
4.18.0-193.19.1.el8_2
4.18.0-193.28.1.el8_2
4.18.0-193.6.3.el8_2
4.18.0-193.el8
4.18.0-240.1.1.el8_3
4.18.0-240.10.1.el8_3
4.18.0-240.15.1.el8_3
4.18.0-240.22.1.el8_3
4.18.0-240.8.1.el8_3
4.18.0-240.el8
4.18.0-304.el8
4.18.0-305.10.2.el8_4
4.18.0-305.12.1.el8_4
4.18.0-305.17.1.el8_4
4.18.0-305.19.1.el8_4
4.18.0-305.25.1.el8_4
4.18.0-305.3.1.el8_4
4.18.0-305.7.1.el8_4
4.18.0-305.el8
4.18.0-348.12.2.el8_5
4.18.0-348.2.1.el8_5
4.18.0-348.20.1.el8_5
4.18.0-348.23.1.el8_5
4.18.0-348.7.1.el8_5
4.18.0-348.el8
4.18.0-372.13.1.el8_6
4.18.0-372.16.1.el8_6
4.18.0-372.19.1.el8_6
4.18.0-372.26.1.el8_6
4.18.0-372.32.1.el8_6
4.18.0-372.9.1.el8
4.18.0-425.10.1.el8_7
4.18.0-425.13.1.el8_7
4.18.0-425.19.2.el8_7
4.18.0-425.3.1.el8
4.18.0-477.10.1.el8_8
4.18.0-477.13.1.el8_8
4.18.0-477.15.1.el8_8
4.18.0-477.21.1.el8_8
4.18.0-477.27.1.el8_8
4.18.0-80.1.2.el8_0
4.18.0-80.11.1.el8_0
4.18.0-80.11.2.el8_0
4.18.0-80.4.2.el8_0
4.18.0-80.7.1.el8_0
4.18.0-80.7.2.el8_0
4.18.0-80.el8
|
In Rollout |
| Rocky Linux 8 | |
Planned |
| Ubuntu 20.04 Azure |
5.4.0-1108.114
show all
hide all
5.4.0-1020.20
5.4.0-1022.22
5.4.0-1023.23
5.4.0-1024.24
5.4.0-1025.25
5.4.0-1026.26
5.4.0-1027.27
5.4.0-1029.29
5.4.0-1031.32
5.4.0-1032.33
5.4.0-1033.34
5.4.0-1034.35
5.4.0-1035.36
5.4.0-1036.38
5.4.0-1037.39
5.4.0-1038.40
5.4.0-1039.41
5.4.0-1040.42
5.4.0-1041.43
5.4.0-1043.45
5.4.0-1044.46
5.4.0-1046.48
5.4.0-1047.49
5.4.0-1048.50
5.4.0-1049.51
5.4.0-1051.53
5.4.0-1055.57
5.4.0-1056.58
5.4.0-1058.60
5.4.0-1059.62
5.4.0-1061.64
5.4.0-1062.65
5.4.0-1063.66
5.4.0-1064.67
5.4.0-1065.68
5.4.0-1072.75
5.4.0-1067.70
5.4.0-1068.71
5.4.0-1069.72
5.4.0-1070.73
5.4.0-1073.76
5.4.0-1074.77
5.4.0-1077.80
5.4.0-1078.81
5.4.0-1080.83
5.4.0-1083.87
5.4.0-1085.90
5.4.0-1086.91
5.4.0-1089.94
5.4.0-1090.95
5.4.0-1091.96
5.4.0-1094.100
5.4.0-1098.104
5.4.0-1100.106
5.4.0-1101.107
5.4.0-1103.109
5.4.0-1104.110
5.4.0-1105.111
5.4.0-1106.112
5.4.0-1107.113
5.4.0-1109.115
5.4.0-1110.116
5.4.0-1111.117
5.4.0-1112.118
5.4.0-1113.119
|
Released |
| Ubuntu 20.04 GCP |
5.4.0-1049.53
show all
hide all
5.4.0-1068.72
|
Released |
| Amazon Linux 1 | |
Planned |
| Ubuntu 20.04 |
5.4.0-88.99
show all
hide all
5.4.0-89.100
5.4.0-100.113
5.4.0-105.119
5.4.0-112.126
5.4.0-113.127
5.4.0-117.132
5.4.0-131.147
5.4.0-135.152
5.4.0-136.153
5.4.0-137.154
5.4.0-123.139
5.4.0-139.156
5.4.0-146.163
5.4.0-147.164
5.4.0-148.165
5.4.0-155.172
5.4.0-156.173
5.4.0-104.118
5.4.0-107.121
5.4.0-109.123
5.4.0-110.124
5.4.0-120.136
5.4.0-121.137
5.4.0-122.138
5.4.0-124.140
5.4.0-125.141
5.4.0-126.142
5.4.0-128.144
5.4.0-132.148
5.4.0-133.149
5.4.0-144.161
5.4.0-145.162
5.4.0-149.166
5.4.0-26.30
5.4.0-28.32
5.4.0-29.33
5.4.0-30.34
5.4.0-31.35
5.4.0-32.36
5.4.0-33.37
5.4.0-34.38
5.4.0-37.41
5.4.0-38.42
5.4.0-39.43
5.4.0-40.44
5.4.0-42.46
5.4.0-43.47
5.4.0-44.48
5.4.0-45.49
5.4.0-47.51
5.4.0-46.50
5.4.0-48.52
5.4.0-49.53
5.4.0-51.56
5.4.0-52.57
5.4.0-53.59
5.4.0-54.60
5.4.0-55.61
5.4.0-56.62
5.4.0-57.63
5.4.0-58.64
5.4.0-59.65
5.4.0-60.67
5.4.0-61.69
5.4.0-62.70
5.4.0-63.71
5.4.0-64.72
5.4.0-65.73
5.4.0-66.74
5.4.0-67.75
5.4.0-70.78
5.4.0-71.79
5.4.0-72.80
5.4.0-73.82
5.4.0-74.83
5.4.0-77.86
5.4.0-80.90
5.4.0-81.91
5.4.0-84.94
5.4.0-86.97
5.4.0-90.101
5.4.0-91.102
5.4.0-92.103
5.4.0-94.106
5.4.0-96.109
5.4.0-97.110
5.4.0-99.112
5.4.0-150.167
5.4.0-152.169
5.4.0-153.170
|
Released |
| Amazon Linux 2 5.10 | |
Planned |
| Amazon Linux 2 5.4 | |
Planned |
| Oracle Linux 6 UEK 4 | |
Planned |
| Oracle Linux 7 UEK 4 | |
Planned |