CVE: CVE-2023-6176

Descrizione: A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.

Vettore di attacco CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Riferimenti esterni

• https://access.redhat.com/errata/RHSA-2024:2394
• https://access.redhat.com/errata/RHSA-2024:2950
• https://access.redhat.com/errata/RHSA-2024:3138
• https://access.redhat.com/security/cve/CVE-2023-6176
• https://bugzilla.redhat.com/show_bug.cgi?id=2219359
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066

Prodotti interessati

• Red Hat – Red Hat Enterprise Linux 8
• Red Hat – Red Hat Enterprise Linux 8
• Red Hat – Red Hat Enterprise Linux 9
• Red Hat – Red Hat Enterprise Linux 9
• Red Hat – Red Hat Enterprise Linux 6
• Red Hat – Red Hat Enterprise Linux 7
• Red Hat – Red Hat Enterprise Linux 9

Relazioni con altri prodotti

Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 7
Anno: 2023
CWE:
CVSS: 0.0

Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8
Anno: 2023
CWE:
CVSS: 0.0

Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 9
Anno: 2023
CWE:
CVSS: 0.0

Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 6
Anno: 2023
CWE:
CVSS: 0.0

Ulteriori risorse disponibili

• Vulnerabilità scoperte nello stesso anno (2023)