Lucene search
RedhatCVELIST:CVE-2023-3108HistoryJul 11, 2023 - 3:45 p.m.
CVE-2023-3108 Kernel: a race condition in crypto module in the function skcipher_recvmsg
2023-07-1115:45:03
redhat
www.cve.org
8
cve-2023-3108
kernel
race condition
crypto module
skcipher_recvmsg
get_user_pages_fast
symmetric key cipher algorithms
crash the system
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
High
EPSS
0
Percentile
5.1%
A flaw was found in the subsequent get_user_pages_fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher_recvmsg of crypto/algif_skcipher.c function. This flaw allows a local user to crash the system.
CNA Affected
[
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
}
]Related
prion
prion
Design/Logic Flaw
2023-07-11 16:15:00
ubuntucve
ubuntucve
CVE-2023-3108
2023-07-11 00:00:00
debiancve
debiancve
CVE-2023-3108
2023-07-11 16:15:12
cve
cve
CVE-2023-3108
2023-07-11 16:15:12
nvd
nvd
CVE-2023-3108
2023-07-11 16:15:12
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-3418)
2023-12-14 00:00:00
nessus
nessus
EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2023-3418)
2024-01-16 00:00:00
RHEL 7 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00
CVSS3
6.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.3
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVELIST:CVE-2023-3108