CVE-2023-31436 Information

Description

qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.

Reference

https://github.com/torvalds/linux/commit/3037933448f60f9acb705997eae62013ecb81e0d https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13 https://www.spinics.net/lists/stable-commits/msg294885.html