USN-6205-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2023-35788 UBUNTU-CVE-2023-35788

Published: 06 Jul 2023, 18:02

Last modified:03 Jun 2026, 13:34

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Jul 2023, 18:02

Published

Vulnerability first disclosed

03 Jun 2026, 13:34

Last Modified

Vulnerability information updated

Description

linux-gke vulnerabilities Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577) It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220)

Affected Systems

ubuntu•linux-gke
< 5.4.0-1103.110

USN-6205-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)