Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2023-1382
HistoryMar 14, 2023 - 10:43 a.m.

CVE-2023-1382

2023-03-1410:43:29
redhat.com
access.redhat.com
30
linux kernel
data race
null pointer
tipc protocol
mitigation
blacklist
red hat solution

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON

A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.

Mitigation

This flaw can be mitigated by preventing the affected transparent inter-process communication (TIPC) protocol kernel module from loading during the boot time. Ensure the module is added into the blacklist file.

Refer:    
How do I blacklist a kernel module to prevent it from loading automatically?   
https://access.redhat.com/solutions/41278

Related

cbl_mariner 2
cvelist 1
prion 1
cve 1
debiancve 1
ubuntucve 1
nvd 1
photon 2
openvas 15
nessus 31
osv 6
ubuntu 3
ibm 4
redhat 9
oraclelinux 2
almalinux 3
cbl_mariner
cbl_mariner
CVE-2023-1382 affecting package kernel for versions less than 5.15.111.1-1
2023-05-25 09:38:10
CVE-2023-1382 affecting package kernel 5.10.179.1-1
2023-06-13 20:02:41
cvelist
cvelist
CVE-2023-1382
2023-04-19 00:00:00
prion
prion
Null pointer dereference
2023-04-19 23:15:00
cve
cve
CVE-2023-1382
2023-04-19 23:15:06
debiancve
debiancve
CVE-2023-1382
2023-04-19 23:15:06
ubuntucve
ubuntucve
CVE-2023-1382
2023-03-15 00:00:00
nvd
nvd
CVE-2023-1382
2023-04-19 23:15:06
photon
photon
Important Photon OS Security Update - PHSA-2022-3.0-0504
2022-12-17 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0299
2022-12-15 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1824)
2023-05-09 00:00:00
Ubuntu: Security Advisory (USN-6740-1)
2024-04-22 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-2296)
2023-07-04 00:00:00
nessus
nessus
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2023-1824)
2023-05-08 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-6740-1)
2024-04-19 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Linux kernel vulnerabilities (USN-6739-1)
2024-04-19 00:00:00
osv
osv
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle vulnerabilities
2024-04-19 13:32:30
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
2024-04-19 13:23:13
linux-bluefield vulnerabilities
2023-04-05 22:53:45
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-04-19 00:00:00
Linux kernel vulnerabilities
2024-04-19 00:00:00
Linux kernel (BlueField) vulnerabilities
2023-04-05 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Linux Kernel might affect IBM Spectrum Copy Data Management
2024-01-12 16:32:54
Security Bulletin: Vulnerabilities in Spring, Tomcat, Jackson, sudo, and Linux kernel can affect IBM Spectrum Protect Plus
2024-03-20 18:36:29
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2023-12-18 18:02:34
redhat
redhat
(RHSA-2024:1404) Important: kernel security and bug fix update
2024-03-19 16:35:08
(RHSA-2023:2458) Important: kernel security, bug fix, and enhancement update
2023-05-09 05:11:22
(RHSA-2023:2148) Important: kernel-rt security and bug fix update
2023-05-09 05:01:55
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-05-15 00:00:00
kernel security, bug fix, and enhancement update
2023-11-17 00:00:00
almalinux
almalinux
Important: kernel security, bug fix, and enhancement update
2023-05-09 00:00:00
Important: kernel-rt security and bug fix update
2023-05-09 00:00:00
Important: kernel security, bug fix, and enhancement update
2023-11-14 00:00:00

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

9.1%

JSON
Related for RH:CVE-2023-1382
cbl_mariner2cvelist1prion1cve1debiancve1ubuntucve1nvd1photon2openvas15nessus31osv6ubuntu3ibm4redhat9oraclelinux2almalinux3