VYPR
Unrated severityNVD Advisory· Published Jul 25, 2023· Updated Nov 14, 2025

Kernel: xfrm: out-of-bounds read of xfrma_mtimer_thresh nlattr

CVE-2023-3773

Description

A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

65

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.