Lucene search

[email protected]NVD:CVE-2023-23006

HistoryMar 01, 2023 - 8:15 p.m.

CVE-2023-23006

2023-03-0120:15:15

CWE-476

[email protected]

web.nvd.nist.gov

linux

kernel

vulnerability

mlx5

steering driver

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

Affected configurations

NVD

Node

linuxlinux_kernelRange<5.15.13

References

cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13

github.com/torvalds/linux/commit/6b8b42585886c59a008015083282aae434349094

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for NVD:CVE-2023-23006

cve1 cbl_mariner1 ubuntucve1 redhatcve1 veracode1 prion1 debiancve1 cvelist1 nessus7 openvas2