Lucene search

K
cvelistRedhatCVELIST:CVE-2023-28327
HistoryApr 19, 2023 - 12:00 a.m.

CVE-2023-28327

2023-04-1900:00:00
CWE-476
redhat
www.cve.org
2
cve-2023-28327
net/unix/diag.c
local user
denial of service

AI Score

6.2

Confidence

High

EPSS

0

Percentile

5.1%

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Linux",
    "versions": [
      {
        "version": "Linux",
        "status": "affected"
      }
    ]
  }
]

AI Score

6.2

Confidence

High

EPSS

0

Percentile

5.1%