Lucene search

K
nvd[email protected]NVD:CVE-2023-46838
HistoryJan 29, 2024 - 11:15 a.m.

CVE-2023-46838

2024-01-2911:15:07
CWE-476
web.nvd.nist.gov
14
cve-2023-46838
transmit requests
virtual network protocol
zero length data
skb fragments
linux
networking code
security vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

18.8%

Transmit requests in Xen’s virtual network protocol can consist of
multiple parts. While not really useful, except for the initial part
any of them may be of zero length, i.e. carry no data at all. Besides a
certain initial portion of the to be transferred data, these parts are
directly translated into what Linux calls SKB fragments. Such converted
request parts can, when for a particular SKB they are all of length
zero, lead to a de-reference of NULL in core networking code.

Affected configurations

Nvd
Node
linuxlinux_kernelRange4.144.19.306
OR
linuxlinux_kernelRange4.205.4.268
OR
linuxlinux_kernelRange5.55.10.209
OR
linuxlinux_kernelRange5.115.15.148
OR
linuxlinux_kernelRange5.166.1.75
OR
linuxlinux_kernelRange6.26.6.14
OR
linuxlinux_kernelRange6.76.7.2
Node
fedoraprojectfedoraMatch38
OR
fedoraprojectfedoraMatch39
Node
debiandebian_linuxMatch10.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
fedoraprojectfedora38cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
fedoraprojectfedora39cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

18.8%