Lucene search

K
cveRedhatCVE-2023-5972
HistoryNov 23, 2023 - 6:15 p.m.

CVE-2023-5972

2023-11-2318:15:07
CWE-476
redhat
web.nvd.nist.gov
99
cve-2023-5972
nvd
linux kernel
netfilter
null pointer dereference
local user
privilege escalation

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%

A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the system.

Affected configurations

Nvd
Node
linuxlinux_kernelRange6.2.16.5.10
OR
linuxlinux_kernelMatch6.2rc1
OR
linuxlinux_kernelMatch6.2rc2
OR
linuxlinux_kernelMatch6.2rc3
OR
linuxlinux_kernelMatch6.2rc4
OR
linuxlinux_kernelMatch6.2rc5
OR
linuxlinux_kernelMatch6.2rc6
OR
linuxlinux_kernelMatch6.2rc7
OR
linuxlinux_kernelMatch6.2rc8
OR
linuxlinux_kernelMatch6.2.0rc1
OR
linuxlinux_kernelMatch6.2.0rc2
OR
linuxlinux_kernelMatch6.2.0rc3
OR
linuxlinux_kernelMatch6.2.0rc4
OR
linuxlinux_kernelMatch6.2.0rc5
OR
linuxlinux_kernelMatch6.2.0rc6
OR
linuxlinux_kernelMatch6.6rc1
OR
linuxlinux_kernelMatch6.6rc2
OR
linuxlinux_kernelMatch6.6rc3
OR
linuxlinux_kernelMatch6.6rc4
OR
linuxlinux_kernelMatch6.6rc5
OR
linuxlinux_kernelMatch6.6rc6
Node
fedoraprojectfedoraMatch39
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*
linuxlinux_kernel6.2cpe:2.3:o:linux:linux_kernel:6.2:rc8:*:*:*:*:*:*
linuxlinux_kernel6.2.0cpe:2.3:o:linux:linux_kernel:6.2.0:rc1:*:*:*:*:*:*
Rows per page:
1-10 of 221

CNA Affected

[
  {
    "product": "kernel",
    "vendor": "n/a",
    "defaultStatus": "affected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "product": "Fedora",
    "vendor": "Fedora",
    "collectionURL": "https://packages.fedoraproject.org/",
    "packageName": "kernel",
    "defaultStatus": "affected"
  }
]

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0

Percentile

5.1%