CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
90.8%
Software: kernel-ml-6.6 6.6.11
OS: rosa-server79
package_evr_string: kernel-ml-6.6.6.11-1.res7
CVE-ID: CVE-2023-5178
BDU-ID: 2023-06750
CVE-Crit: CRITICAL.
CVE-DESC.: A vulnerability in the nvmet_tcp_free_crypto function of the drivers/nvme/target/tcp.c file of the NVMe-oF/TCP subsystem of the NVMe-oF/TCP kernel of Linux operating systems is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges or execute arbitrary code
CVE-STATUS: Not Current
CVE-REV: Update kernel
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
90.8%