Lucene search

K
nvd[email protected]NVD:CVE-2023-6535
HistoryFeb 07, 2024 - 9:15 p.m.

CVE-2023-6535

2024-02-0721:15:08
CWE-476
web.nvd.nist.gov
13
linux
nvme driver
tcp
null pointer
denial of service

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

50.6%

A flaw was found in the Linux kernel’s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Affected configurations

Nvd
Node
linuxlinux_kernelMatch-
Node
redhatcodeready_linux_builder_eusMatch8.6
OR
redhatcodeready_linux_builder_eusMatch9.2
OR
redhatcodeready_linux_builder_eus_for_power_little_endian_eusMatch8.6_ppc64le
OR
redhatcodeready_linux_builder_eus_for_power_little_endian_eusMatch9.2_ppc64le
OR
redhatcodeready_linux_builder_for_arm64_eusMatch8.6_aarch64
OR
redhatcodeready_linux_builder_for_arm64_eusMatch9.2_aarch64
OR
redhatcodeready_linux_builder_for_ibm_z_systems_eusMatch9.2_s390x
OR
redhatenterprise_linuxMatch8.0
OR
redhatenterprise_linuxMatch9.0
OR
redhatenterprise_linux_eusMatch8.6
OR
redhatenterprise_linux_eusMatch9.2
OR
redhatenterprise_linux_for_arm_64_eusMatch8.6_aarch64
OR
redhatenterprise_linux_for_arm_64_eusMatch9.2_aarch64
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch8.6_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch9.2_s390x
OR
redhatenterprise_linux_for_power_little_endian_eusMatch8.6_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch9.2_ppc64le
OR
redhatenterprise_linux_for_real_timeMatch9.2
OR
redhatenterprise_linux_for_real_time_for_nfvMatch9.2
OR
redhatenterprise_linux_server_ausMatch8.6
OR
redhatenterprise_linux_server_ausMatch9.2
OR
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.6_ppc64le
OR
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch9.2_ppc64le
OR
redhatenterprise_linux_server_tusMatch8.6
Node
redhatvirtualization_hostMatch4.0
AND
redhatenterprise_linuxMatch8.0
VendorProductVersionCPE
linuxlinux_kernel-cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
redhatcodeready_linux_builder_eus8.6cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*
redhatcodeready_linux_builder_eus9.2cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
redhatcodeready_linux_builder_eus_for_power_little_endian_eus8.6_ppc64lecpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
redhatcodeready_linux_builder_eus_for_power_little_endian_eus9.2_ppc64lecpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
redhatcodeready_linux_builder_for_arm64_eus8.6_aarch64cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*
redhatcodeready_linux_builder_for_arm64_eus9.2_aarch64cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
redhatcodeready_linux_builder_for_ibm_z_systems_eus9.2_s390xcpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
redhatenterprise_linux8.0cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
redhatenterprise_linux9.0cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 261

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.5

Confidence

High

EPSS

0.001

Percentile

50.6%