CVE-2023-42756

🗓️ 28 Sep 2023 13:55:37Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 208 Views

Flaw in Netfilter subsystem of Linux kernel, race condition leading to kernel panic

Reporter	Title	Published	Views	Family All 226
Tenable Nessus	Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2023-385)	24 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2023-042 (ALASKERNEL-5.10-2023-042)	1 Nov 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.15-2023-028)	18 Oct 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel (ALASKERNEL-5.4-2023-055)	1 Nov 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2025-112 (ALASKERNEL-5.4-2025-112)	28 Oct 202500:00	–	nessus
Tenable Nessus	Debian dla-3623 : linux-config-5.10 - security update	20 Oct 202300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-3247)	16 Jan 202400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-3275)	16 Jan 202400:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1415)	21 Mar 202400:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1443)	21 Mar 202400:00	–	nessus

NVD

Node

linux linux_kernelRange<6.6

linux linux_kernelMatch6.6rc1

linux linux_kernelMatch6.6rc2

Node

redhat enterprise_linuxMatch9.0

Node

debian debian_linuxMatch10.0

fedoraproject fedoraMatch37

fedoraproject fedoraMatch38

fedoraproject fedoraMatch39

[
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:5.14.0-427.13.1.el9_4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::crb",
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/o:redhat:enterprise_linux:9::baseos",
      "cpe:/a:redhat:enterprise_linux:9::realtime",
      "cpe:/a:redhat:enterprise_linux:9::nfv"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:5.14.0-427.13.1.el9_4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::crb",
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/o:redhat:enterprise_linux:9::baseos",
      "cpe:/a:redhat:enterprise_linux:9::realtime",
      "cpe:/a:redhat:enterprise_linux:9::nfv"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2024:2394
seclists	www.seclists.org/oss-sec/2023/q3/242
access	www.access.redhat.com/security/cve/CVE-2023-42756
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/GPMICQ2HVZO5UAM5KPXHAZKA2U3ZDOO6/
lists	www.lists.debian.org/debian-lts-announce/2023/10/msg00027.html
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/V5PDNWPKAP3WL5RQZ4RIDS6MG32OHH5R/
lists	www.lists.fedoraproject.org/archives/list/[email protected]/message/GISYSL3F6WIEVGHJGLC2MFNTUXHPTKQH/

06 Nov 2025 19:47Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.14.4 - 4.7

EPSS0.00004

SSVC

CWE-362