cvedb.io
CVE-2023-23454
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2023-01-12T07:15:08.193 · Last modified 2026-06-17T05:37:10.603

Summary

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results).

Affected products

linux — linux_kernel

Does this affect you?

Add your gear to cvedb and we'll alert you only when linux ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.