SUSE-SU-2023:3566-1 - Vulnerability-Lookup

SUSE-SU-2023:3566-1

Vulnerability from csaf_suse - Published: 2023-09-10 05:04 - Updated: 2023-09-10 05:04

Summary

Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)

Description of the patch: This update for the Linux Kernel 4.12.14-150100_197_123 fixes several issues. The following security issues were fixed: - CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213244). - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213063). - CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208839). - CVE-2023-2176: Fixed an out-of-boundary read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA (bsc#1210630). - CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212849).

Patchnames: SUSE-2023-3566,SUSE-SLE-Module-Live-Patching-15-SP1-2023-3566

Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

CVE-2023-1077

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2023-2176

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2023-3090

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2023-35001

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2023-3567

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

URL

Category

	https://www.suse.com/support/security/rating/	external
	https://ftp.suse.com/pub/projects/security/csaf/s…	self
	https://www.suse.com/support/update/announcement/…	self
	https://lists.suse.com/pipermail/sle-security-upd…	self
	https://bugzilla.suse.com/1208839	self
	https://bugzilla.suse.com/1210630	self
	https://bugzilla.suse.com/1212849	self
	https://bugzilla.suse.com/1213063	self
	https://bugzilla.suse.com/1213244	self
	https://www.suse.com/security/cve/CVE-2023-1077/	self
	https://www.suse.com/security/cve/CVE-2023-2176/	self
	https://www.suse.com/security/cve/CVE-2023-3090/	self
	https://www.suse.com/security/cve/CVE-2023-35001/	self
	https://www.suse.com/security/cve/CVE-2023-3567/	self
	https://www.suse.com/security/cve/CVE-2023-1077	external
	https://bugzilla.suse.com/1208600	external
	https://bugzilla.suse.com/1208839	external
	https://bugzilla.suse.com/1213841	external
	https://bugzilla.suse.com/1213842	external
	https://www.suse.com/security/cve/CVE-2023-2176	external
	https://bugzilla.suse.com/1210629	external
	https://bugzilla.suse.com/1210630	external
	https://bugzilla.suse.com/1213842	external
	https://www.suse.com/security/cve/CVE-2023-3090	external
	https://bugzilla.suse.com/1212842	external
	https://bugzilla.suse.com/1212849	external
	https://bugzilla.suse.com/1214128	external
	https://bugzilla.suse.com/1219701	external
	https://www.suse.com/security/cve/CVE-2023-35001	external
	https://bugzilla.suse.com/1213059	external
	https://bugzilla.suse.com/1213063	external
	https://bugzilla.suse.com/1217531	external
	https://www.suse.com/security/cve/CVE-2023-3567	external
	https://bugzilla.suse.com/1213167	external
	https://bugzilla.suse.com/1213244	external
	https://bugzilla.suse.com/1213842	external
	https://bugzilla.suse.com/1215674	external
	https://bugzilla.suse.com/1217444	external
	https://bugzilla.suse.com/1217531	external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 4.12.14-150100_197_123 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2023-3567: Fixed a use-after-free in vcs_read in drivers/tty/vt/vc_screen.c (bsc#1213244).\n- CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213063).\n- CVE-2023-1077: Fixed a type confusion in pick_next_rt_entity(), that could cause memory corruption (bsc#1208839).\n- CVE-2023-2176: Fixed an out-of-boundary read in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA (bsc#1210630).\n- CVE-2023-3090: Fixed a heap out-of-bounds write in the ipvlan network driver (bsc#1212849).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-3566,SUSE-SLE-Module-Live-Patching-15-SP1-2023-3566",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_3566-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:3566-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20233566-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:3566-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016130.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1208839",
        "url": "https://bugzilla.suse.com/1208839"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1210630",
        "url": "https://bugzilla.suse.com/1210630"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1212849",
        "url": "https://bugzilla.suse.com/1212849"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213063",
        "url": "https://bugzilla.suse.com/1213063"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213244",
        "url": "https://bugzilla.suse.com/1213244"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-1077 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-1077/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-2176 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-2176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-3090 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-3090/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-35001 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-35001/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-3567 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-3567/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 34 for SLE 15 SP1)",
    "tracking": {
      "current_release_date": "2023-09-10T05:04:01Z",
      "generator": {
        "date": "2023-09-10T05:04:01Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:3566-1",
      "initial_release_date": "2023-09-10T05:04:01Z",
      "revision_history": [
        {
          "date": "2023-09-10T05:04:01Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
                "product": {
                  "name": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
                  "product_id": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64",
                "product": {
                  "name": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64",
                  "product_id": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP1",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le"
        },
        "product_reference": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP1",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
        },
        "product_reference": "kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-1077",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-1077"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-1077",
          "url": "https://www.suse.com/security/cve/CVE-2023-1077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208600 for CVE-2023-1077",
          "url": "https://bugzilla.suse.com/1208600"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1208839 for CVE-2023-1077",
          "url": "https://bugzilla.suse.com/1208839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213841 for CVE-2023-1077",
          "url": "https://bugzilla.suse.com/1213841"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-1077",
          "url": "https://bugzilla.suse.com/1213842"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-09-10T05:04:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-1077"
    },
    {
      "cve": "CVE-2023-2176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-2176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-2176",
          "url": "https://www.suse.com/security/cve/CVE-2023-2176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210629 for CVE-2023-2176",
          "url": "https://bugzilla.suse.com/1210629"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1210630 for CVE-2023-2176",
          "url": "https://bugzilla.suse.com/1210630"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-2176",
          "url": "https://bugzilla.suse.com/1213842"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-09-10T05:04:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-2176"
    },
    {
      "cve": "CVE-2023-3090",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-3090"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb-\u003ecb  initialization in the ipvlan network driver. The vulnerability is reachable if  CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-3090",
          "url": "https://www.suse.com/security/cve/CVE-2023-3090"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212842 for CVE-2023-3090",
          "url": "https://bugzilla.suse.com/1212842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212849 for CVE-2023-3090",
          "url": "https://bugzilla.suse.com/1212849"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1214128 for CVE-2023-3090",
          "url": "https://bugzilla.suse.com/1214128"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1219701 for CVE-2023-3090",
          "url": "https://bugzilla.suse.com/1219701"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-09-10T05:04:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-3090"
    },
    {
      "cve": "CVE-2023-35001",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-35001"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-35001",
          "url": "https://www.suse.com/security/cve/CVE-2023-35001"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213059 for CVE-2023-35001",
          "url": "https://bugzilla.suse.com/1213059"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213063 for CVE-2023-35001",
          "url": "https://bugzilla.suse.com/1213063"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217531 for CVE-2023-35001",
          "url": "https://bugzilla.suse.com/1217531"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-09-10T05:04:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-35001"
    },
    {
      "cve": "CVE-2023-3567",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-3567"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-3567",
          "url": "https://www.suse.com/security/cve/CVE-2023-3567"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213167 for CVE-2023-3567",
          "url": "https://bugzilla.suse.com/1213167"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213244 for CVE-2023-3567",
          "url": "https://bugzilla.suse.com/1213244"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213842 for CVE-2023-3567",
          "url": "https://bugzilla.suse.com/1213842"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1215674 for CVE-2023-3567",
          "url": "https://bugzilla.suse.com/1215674"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217444 for CVE-2023-3567",
          "url": "https://bugzilla.suse.com/1217444"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217531 for CVE-2023-3567",
          "url": "https://bugzilla.suse.com/1217531"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP1:kernel-livepatch-4_12_14-150100_197_123-default-10-150100.2.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-09-10T05:04:01Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-3567"
    }
  ]
}

CVE-2023-3090 (GCVE-0-2023-3090)

Vulnerability from cvelistv5 – Published: 2023-06-28 19:06 – Updated: 2025-03-05 18:55

Title

Out-of-bounds write in Linux kernel's ipvlan network driver

Summary

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Assigner

Google

References

URL

Tags

	https://git.kernel.org/pub/scm/linux/kernel/git/t…	patch
	https://kernel.dance/90cbed5247439a966b645b34eb0a…
	https://www.debian.org/security/2023/dsa-5448
	https://lists.debian.org/debian-lts-announce/2023…
	https://security.netapp.com/advisory/ntap-2023073…
	https://www.debian.org/security/2023/dsa-5480
	http://packetstormsecurity.com/files/174577/Kerne…
	http://packetstormsecurity.com/files/175072/Kerne…
	https://lists.debian.org/debian-lts-announce/2023…

Impacted products

	Vendor	Product	Version
	Linux	Kernel	Affected: 3.19 , < 6.4 (custom)

Date Public ?

2023-05-10 09:33

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:41:04.144Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=90cbed5247439a966b645b34eb0a2e037836ea8e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kernel.dance/90cbed5247439a966b645b34eb0a2e037836ea8e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5448"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230731-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5480"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3090",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-05T18:42:13.331109Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T18:55:25.596Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Kernel",
          "repo": "https://git.kernel.org",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.4",
              "status": "affected",
              "version": "3.19",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "CONFIG_IPVLAN kernel config.\u003cbr\u003e"
            }
          ],
          "value": "CONFIG_IPVLAN kernel config."
        }
      ],
      "datePublic": "2023-05-10T09:33:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe out-of-bounds write is caused by missing skb-\u0026gt;cb  initialization in the ipvlan network driver. The vulnerability is reachable if\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCONFIG_IPVLAN is enabled.\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003e\u003cbr\u003e\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.\u003c/span\u003e\u003c/p\u003e"
            }
          ],
          "value": "A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation.\n\nThe out-of-bounds write is caused by missing skb-\u003ecb  initialization in the ipvlan network driver. The vulnerability is reachable if\u00a0CONFIG_IPVLAN is enabled.\n\n\nWe recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-19T23:07:09.083Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=90cbed5247439a966b645b34eb0a2e037836ea8e"
        },
        {
          "url": "https://kernel.dance/90cbed5247439a966b645b34eb0a2e037836ea8e"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5448"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230731-0002/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5480"
        },
        {
          "url": "http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Out-of-bounds write in Linux kernel\u0027s ipvlan network driver",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-3090",
    "datePublished": "2023-06-28T19:06:41.221Z",
    "dateReserved": "2023-06-03T22:31:04.130Z",
    "dateUpdated": "2025-03-05T18:55:25.596Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-1077 (GCVE-0-2023-1077)

Vulnerability from cvelistv5 – Published: 2023-03-27 00:00 – Updated: 2024-08-02 05:32

Summary

In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.

Severity ?

No CVSS data available.

CWE

CWE-843

Assigner

redhat

References

URL

Tags

	https://git.kernel.org/pub/scm/linux/kernel/git/n…
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list
	https://security.netapp.com/advisory/ntap-2023051…
	https://lists.debian.org/debian-lts-announce/2024…	mailing-list

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel	Affected: unknown

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:32:46.360Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97"
          },
          {
            "name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230511-0002/"
          },
          {
            "name": "[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Linux kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "unknown"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-843",
              "description": "CWE-843",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-11T19:06:55.294Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=7c4a5b89a0b5a57a64b601775b296abf77a9fe97"
        },
        {
          "name": "[debian-lts-announce] 20230502 [SECURITY] [DLA 3404-1] linux-5.10 security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230511-0002/"
        },
        {
          "name": "[debian-lts-announce] 20240111 [SECURITY] [DLA 3710-1] linux security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-1077",
    "datePublished": "2023-03-27T00:00:00.000Z",
    "dateReserved": "2023-02-27T00:00:00.000Z",
    "dateUpdated": "2024-08-02T05:32:46.360Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-3567 (GCVE-0-2023-3567)

Vulnerability from cvelistv5 – Published: 2023-07-24 15:19 – Updated: 2025-11-06 19:46

Title

Kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race

Summary

A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

Severity ?

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-416 - Use After Free

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:0412	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0431	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0432	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0439	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0448	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0575	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2394	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2950	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:3138	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-3567	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2221463	issue-trackingx_refsource_REDHAT
	https://www.spinics.net/lists/stable-commits/msg2…

Impacted products

Vendor

Product

Version

Red Hat Enterprise Linux 8

Unaffected: 0:4.18.0-553.rt7.342.el8_10 , < * (rpm)
cpe:/a:redhat:enterprise_linux:8::realtime
cpe:/a:redhat:enterprise_linux:8::nfv

	Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:4.18.0-553.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/o:redhat:enterprise_linux:8::baseos
	Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 0:4.18.0-372.87.1.el8_6 , < * (rpm) cpe:/o:redhat:rhev_hypervisor:4.4::el8 cpe:/a:redhat:rhel_eus:8.6::crb cpe:/o:redhat:rhel_eus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 0:4.18.0-477.43.1.el8_8 , < * (rpm) cpe:/o:redhat:rhel_eus:8.8::baseos cpe:/a:redhat:rhel_eus:8.8::crb
	Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::nfv cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::realtime cpe:/o:redhat:enterprise_linux:9::baseos
	Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::nfv cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::realtime cpe:/o:redhat:enterprise_linux:9::baseos
	Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.85.1.el9_0 , < * (rpm) cpe:/o:redhat:rhel_eus:9.0::baseos cpe:/a:redhat:rhel_eus:9.0::crb cpe:/a:redhat:rhel_eus:9.0::appstream
	Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.85.1.rt21.156.el9_0 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::realtime cpe:/a:redhat:rhel_eus:9.0::nfv
	Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:5.14.0-284.48.1.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_eus:9.2::crb cpe:/o:redhat:rhel_eus:9.2::baseos
	Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:5.14.0-284.48.1.rt14.333.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::nfv cpe:/a:redhat:rhel_eus:9.2::realtime
	Red Hat	Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	Unaffected: 0:4.18.0-372.87.1.el8_6 , < * (rpm) cpe:/o:redhat:rhev_hypervisor:4.4::el8 cpe:/a:redhat:rhel_eus:8.6::crb cpe:/o:redhat:rhel_eus:8.6::baseos
	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
	Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2023-01-14 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:01:56.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
          },
          {
            "name": "RHSA-2024:0412",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0412"
          },
          {
            "name": "RHSA-2024:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0431"
          },
          {
            "name": "RHSA-2024:0432",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0432"
          },
          {
            "name": "RHSA-2024:0439",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0439"
          },
          {
            "name": "RHSA-2024:0448",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0448"
          },
          {
            "name": "RHSA-2024:0575",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0575"
          },
          {
            "name": "RHSA-2024:2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2394"
          },
          {
            "name": "RHSA-2024:2950",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2950"
          },
          {
            "name": "RHSA-2024:3138",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3138"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-3567"
          },
          {
            "name": "RHBZ#2221463",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/stable-commits/msg285184.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::realtime",
            "cpe:/a:redhat:enterprise_linux:8::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-553.rt7.342.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-553.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-477.43.1.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-427.13.1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-427.13.1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos",
            "cpe:/a:redhat:rhel_eus:9.0::crb",
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.85.1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::realtime",
            "cpe:/a:redhat:rhel_eus:9.0::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.85.1.rt21.156.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.48.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::nfv",
            "cpe:/a:redhat:rhel_eus:9.2::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.48.1.rt14.333.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-01-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-06T19:46:34.822Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:0412",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0412"
        },
        {
          "name": "RHSA-2024:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0431"
        },
        {
          "name": "RHSA-2024:0432",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0432"
        },
        {
          "name": "RHSA-2024:0439",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0439"
        },
        {
          "name": "RHSA-2024:0448",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0448"
        },
        {
          "name": "RHSA-2024:0575",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0575"
        },
        {
          "name": "RHSA-2024:2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2394"
        },
        {
          "name": "RHSA-2024:2950",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2950"
        },
        {
          "name": "RHSA-2024:3138",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3138"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-3567"
        },
        {
          "name": "RHBZ#2221463",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463"
        },
        {
          "url": "https://www.spinics.net/lists/stable-commits/msg285184.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-04-13T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-01-14T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Kernel: use after free in vcs_read in drivers/tty/vt/vc_screen.c due to race",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-3567",
    "datePublished": "2023-07-24T15:19:19.795Z",
    "dateReserved": "2023-07-09T09:05:56.937Z",
    "dateUpdated": "2025-11-06T19:46:34.822Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-2176 (GCVE-0-2023-2176)

Vulnerability from cvelistv5 – Published: 2023-04-20 00:00 – Updated: 2025-05-05 16:01

Summary

A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-125

Assigner

redhat

References

URL

Tags

	https://www.spinics.net/lists/linux-rdma/msg114749.html
	https://security.netapp.com/advisory/ntap-2023060…

Impacted products

	Vendor	Product	Version
	n/a	Kernel	Affected: Linux 6.1

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T06:12:20.598Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/linux-rdma/msg114749.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230609-0005/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-2176",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:28:34.519474Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-05T16:01:21.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kernel",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Linux 6.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-09T00:00:00.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://www.spinics.net/lists/linux-rdma/msg114749.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230609-0005/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-2176",
    "datePublished": "2023-04-20T00:00:00.000Z",
    "dateReserved": "2023-04-19T00:00:00.000Z",
    "dateUpdated": "2025-05-05T16:01:21.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-35001 (GCVE-0-2023-35001)

Vulnerability from cvelistv5 – Published: 2023-07-05 18:35 – Updated: 2025-02-13 16:55

Title

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability

Summary

Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787

Assigner

canonical

References

URL

Tags

	https://lore.kernel.org/netfilter-devel/202307051…	issue-tracking
	https://www.openwall.com/lists/oss-security/2023/…	mailing-list
	http://www.openwall.com/lists/oss-security/2023/07/05/3
	https://www.debian.org/security/2023/dsa-5453
	https://lists.fedoraproject.org/archives/list/pac…
	https://lists.fedoraproject.org/archives/list/pac…
	http://packetstormsecurity.com/files/173757/Kerne…
	https://lists.debian.org/debian-lts-announce/2023…
	https://security.netapp.com/advisory/ntap-2023082…
	http://packetstormsecurity.com/files/174577/Kerne…
	https://lists.debian.org/debian-lts-announce/2024…

Impacted products

	Vendor	Product	Version
	Linux	Linux Kernel	Affected: v3.13-rc1

Date Public ?

2023-07-05 12:15

Credits

Tanguy Dubroca

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T16:17:04.253Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "issue-tracking",
              "x_transferred"
            ],
            "url": "https://lore.kernel.org/netfilter-devel/20230705121515.747251-1-cascardo@canonical.com/T/"
          },
          {
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/07/05/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/05/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5453"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPHI46ROSSLVAV4R5LJWJYU747JGOS6D/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGZC5XOANA75OJ4XARBBXYSLDKUIJI5E/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230824-0007/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Linux"
          ],
          "product": "Linux Kernel",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "v3.13-rc1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Tanguy Dubroca"
        }
      ],
      "datePublic": "2023-07-05T12:15:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-01-11T19:07:23.291Z",
        "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "shortName": "canonical"
      },
      "references": [
        {
          "tags": [
            "issue-tracking"
          ],
          "url": "https://lore.kernel.org/netfilter-devel/20230705121515.747251-1-cascardo@canonical.com/T/"
        },
        {
          "tags": [
            "mailing-list"
          ],
          "url": "https://www.openwall.com/lists/oss-security/2023/07/05/3"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/05/3"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5453"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPHI46ROSSLVAV4R5LJWJYU747JGOS6D/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGZC5XOANA75OJ4XARBBXYSLDKUIJI5E/"
        },
        {
          "url": "http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSN-0096-1.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230824-0007/"
        },
        {
          "url": "http://packetstormsecurity.com/files/174577/Kernel-Live-Patch-Security-Notice-LSN-0097-1.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
        }
      ],
      "title": "Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
    "assignerShortName": "canonical",
    "cveId": "CVE-2023-35001",
    "datePublished": "2023-07-05T18:35:17.785Z",
    "dateReserved": "2023-06-29T21:43:35.036Z",
    "dateUpdated": "2025-02-13T16:55:43.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.