Lucene search
RedhatCVE-2023-3108HistoryJul 11, 2023 - 4:15 p.m.
CVE-2023-3108
2023-07-1116:15:12
CWE-362
redhat
web.nvd.nist.gov
67
cve-2023-3108
linux kernel
symmetric key cipher algorithms
skcipher_recvmsg
nvd
security vulnerability
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
5.1
Confidence
High
EPSS
0
Percentile
5.1%
A flaw was found in the subsequent get_user_pages_fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. This flaw allows a local user to crash the system.
Affected configurations
Node
linuxlinux_kernelRange<4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
}
]Related
prion
prion
Design/Logic Flaw
2023-07-11 16:15:00
ubuntucve
ubuntucve
CVE-2023-3108
2023-07-11 00:00:00
debiancve
debiancve
CVE-2023-3108
2023-07-11 16:15:12
cvelist
cvelist
nvd
nvd
CVE-2023-3108
2023-07-11 16:15:12
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3418)
2023-12-14 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2023-3418)
2024-01-16 00:00:00
RHEL 7 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
5.1
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2023-3108