Vulnerability-Lookup

SUSE-SU-2024:1731-1

Vulnerability from csaf_suse - Published: 2024-05-21 15:04 - Updated: 2024-05-21 15:04

Summary

Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

Description of the patch: This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues. The following security issues were fixed: - CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). - CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). - CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). - CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685).

Patchnames: SUSE-2024-1731,SUSE-SLE-Module-Live-Patching-15-SP5-2024-1731

CVE-2022-48651

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2023-52502

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2023-6546

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

CVE-2024-26610

7.1 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Vendor Fix To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

References

URL

Category

	https://www.suse.com/support/security/rating/	external
	https://ftp.suse.com/pub/projects/security/csaf/s…	self
	https://www.suse.com/support/update/announcement/…	self
	https://lists.suse.com/pipermail/sle-updates/2024…	self
	https://bugzilla.suse.com/1220832	self
	https://bugzilla.suse.com/1221302	self
	https://bugzilla.suse.com/1222685	self
	https://bugzilla.suse.com/1223514	self
	https://www.suse.com/security/cve/CVE-2022-48651/	self
	https://www.suse.com/security/cve/CVE-2023-52502/	self
	https://www.suse.com/security/cve/CVE-2023-6546/	self
	https://www.suse.com/security/cve/CVE-2024-26610/	self
	https://www.suse.com/security/cve/CVE-2022-48651	external
	https://bugzilla.suse.com/1223513	external
	https://bugzilla.suse.com/1223514	external
	https://www.suse.com/security/cve/CVE-2023-52502	external
	https://bugzilla.suse.com/1220831	external
	https://bugzilla.suse.com/1220832	external
	https://bugzilla.suse.com/1224298	external
	https://bugzilla.suse.com/1224878	external
	https://www.suse.com/security/cve/CVE-2023-6546	external
	https://bugzilla.suse.com/1218335	external
	https://bugzilla.suse.com/1222685	external
	https://www.suse.com/security/cve/CVE-2024-26610	external
	https://bugzilla.suse.com/1221299	external
	https://bugzilla.suse.com/1221302	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302).\n- CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb-\u003emac_header (bsc#1223514).\n- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832).\n- CVE-2023-6546: Fixed a race condition that could lead to a use-after-free in the GSM 0710 tty multiplexor (bsc#1222685).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1731,SUSE-SLE-Module-Live-Patching-15-SP5-2024-1731",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1731-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1731-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241731-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1731-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-May/035321.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1220832",
        "url": "https://bugzilla.suse.com/1220832"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221302",
        "url": "https://bugzilla.suse.com/1221302"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1222685",
        "url": "https://bugzilla.suse.com/1222685"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1223514",
        "url": "https://bugzilla.suse.com/1223514"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-48651 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-48651/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-52502 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-52502/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-6546 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-6546/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-26610 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-26610/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)",
    "tracking": {
      "current_release_date": "2024-05-21T15:04:04Z",
      "generator": {
        "date": "2024-05-21T15:04:04Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1731-1",
      "initial_release_date": "2024-05-21T15:04:04Z",
      "revision_history": [
        {
          "date": "2024-05-21T15:04:04Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
                  "product_id": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
                  "product_id": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64",
                  "product_id": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Live Patching 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Live Patching 15 SP5",
                  "product_id": "SUSE Linux Enterprise Live Patching 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-live-patching:15:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x"
        },
        "product_reference": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP5",
          "product_id": "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
        },
        "product_reference": "kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-48651",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-48651"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n  1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n     and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n  2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-48651",
          "url": "https://www.suse.com/security/cve/CVE-2022-48651"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1223513 for CVE-2022-48651",
          "url": "https://bugzilla.suse.com/1223513"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1223514 for CVE-2022-48651",
          "url": "https://bugzilla.suse.com/1223514"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-05-21T15:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-48651"
    },
    {
      "cve": "CVE-2023-52502",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-52502"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()\n\nSili Luo reported a race in nfc_llcp_sock_get(), leading to UAF.\n\nGetting a reference on the socket found in a lookup while\nholding a lock should happen before releasing the lock.\n\nnfc_llcp_sock_get_sn() has a similar problem.\n\nFinally nfc_llcp_recv_snl() needs to make sure the socket\nfound by nfc_llcp_sock_from_sn() does not disappear.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-52502",
          "url": "https://www.suse.com/security/cve/CVE-2023-52502"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220831 for CVE-2023-52502",
          "url": "https://bugzilla.suse.com/1220831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220832 for CVE-2023-52502",
          "url": "https://bugzilla.suse.com/1220832"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224298 for CVE-2023-52502",
          "url": "https://bugzilla.suse.com/1224298"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224878 for CVE-2023-52502",
          "url": "https://bugzilla.suse.com/1224878"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-05-21T15:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-52502"
    },
    {
      "cve": "CVE-2023-6546",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-6546"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-6546",
          "url": "https://www.suse.com/security/cve/CVE-2023-6546"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1218335 for CVE-2023-6546",
          "url": "https://bugzilla.suse.com/1218335"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222685 for CVE-2023-6546",
          "url": "https://bugzilla.suse.com/1222685"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-05-21T15:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-6546"
    },
    {
      "cve": "CVE-2024-26610",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-26610"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we\u0027ll write past the buffer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
          "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-26610",
          "url": "https://www.suse.com/security/cve/CVE-2024-26610"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221299 for CVE-2024-26610",
          "url": "https://bugzilla.suse.com/1221299"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221302 for CVE-2024-26610",
          "url": "https://bugzilla.suse.com/1221302"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.ppc64le",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.s390x",
            "SUSE Linux Enterprise Live Patching 15 SP5:kernel-livepatch-5_14_21-150500_55_52-default-2-150500.11.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-05-21T15:04:04Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-26610"
    }
  ]
}

CVE-2022-48651 (GCVE-0-2022-48651)

Vulnerability from cvelistv5 – Published: 2024-04-28 13:00 – Updated: 2025-05-04 08:20

Title

ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header

Summary

In the Linux kernel, the following vulnerability has been resolved: ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header If an AF_PACKET socket is used to send packets through ipvlan and the default xmit function of the AF_PACKET socket is changed from dev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option name of PACKET_QDISC_BYPASS, the skb->mac_header may not be reset and remains as the initial value of 65535, this may trigger slab-out-of-bounds bugs as following: ================================================================= UG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan] PU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6 ardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 all Trace: print_address_description.constprop.0+0x1d/0x160 print_report.cold+0x4f/0x112 kasan_report+0xa3/0x130 ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan] ipvlan_start_xmit+0x29/0xa0 [ipvlan] __dev_direct_xmit+0x2e2/0x380 packet_direct_xmit+0x22/0x60 packet_snd+0x7c9/0xc40 sock_sendmsg+0x9a/0xa0 __sys_sendto+0x18a/0x230 __x64_sys_sendto+0x74/0x90 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x63/0xcd The root cause is: 1. packet_snd() only reset skb->mac_header when sock->type is SOCK_RAW and skb->protocol is not specified as in packet_parse_headers() 2. packet_direct_xmit() doesn't reset skb->mac_header as dev_queue_xmit() In this case, skb->mac_header is 65535 when ipvlan_xmit_mode_l2() is called. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which use "skb->head + skb->mac_header", out-of-bound access occurs. This patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2() and reset mac header in multicast to solve this out-of-bound bug.

Severity ?

7.7 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-125 - Out-of-bounds Read

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/e2b46cd5796f083e4…
	https://git.kernel.org/stable/c/25efdbe5fe542c306…
	https://git.kernel.org/stable/c/bffcdade259c05ab3…
	https://git.kernel.org/stable/c/346e94aa4a9937859…
	https://git.kernel.org/stable/c/ab4a733874ead1206…
	https://git.kernel.org/stable/c/8d06006c7eb75587d…
	https://git.kernel.org/stable/c/b583e6b25bf9321c9…
	https://git.kernel.org/stable/c/81225b2ea161af48e…

Impacted products

Vendor

Product

Version

Linux

Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < e2b46cd5796f083e452fbc624f65b80328b0c1a4 (git)
Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < 25efdbe5fe542c3063d1948cc4e98abcb57621ca (git)
Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < bffcdade259c05ab3436b5fab711612093c275ef (git)
Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < 346e94aa4a99378592c46d6a34c72703a32bd5be (git)
Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < ab4a733874ead120691e8038272d22f8444d3638 (git)
Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < 8d06006c7eb75587d986da46c48ba9274f94e8e7 (git)
Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < b583e6b25bf9321c91154f6c78d2173ef12c4241 (git)
Affected: 2ad7bf3638411cb547f2823df08166c13ab04269 , < 81225b2ea161af48e093f58e8dfee6d705b16af4 (git)

Linux

Affected: 3.19
Unaffected: 0 , < 3.19 (semver)
Unaffected: 4.9.330 , ≤ 4.9.* (semver)
Unaffected: 4.14.295 , ≤ 4.14.* (semver)
Unaffected: 4.19.260 , ≤ 4.19.* (semver)
Unaffected: 5.4.215 , ≤ 5.4.* (semver)
Unaffected: 5.10.146 , ≤ 5.10.* (semver)
Unaffected: 5.15.71 , ≤ 5.15.* (semver)
Unaffected: 5.19.12 , ≤ 5.19.* (semver)
Unaffected: 6.0 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "3.19"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "affected",
                "version": "2ad7bf363841"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.7,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-48651",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-30T15:57:11.904317Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:16:46.123Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.603Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e2b46cd5796f083e452fbc624f65b80328b0c1a4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/25efdbe5fe542c3063d1948cc4e98abcb57621ca"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/bffcdade259c05ab3436b5fab711612093c275ef"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/346e94aa4a99378592c46d6a34c72703a32bd5be"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ab4a733874ead120691e8038272d22f8444d3638"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8d06006c7eb75587d986da46c48ba9274f94e8e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b583e6b25bf9321c91154f6c78d2173ef12c4241"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/81225b2ea161af48e093f58e8dfee6d705b16af4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ipvlan/ipvlan_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e2b46cd5796f083e452fbc624f65b80328b0c1a4",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            },
            {
              "lessThan": "25efdbe5fe542c3063d1948cc4e98abcb57621ca",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            },
            {
              "lessThan": "bffcdade259c05ab3436b5fab711612093c275ef",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            },
            {
              "lessThan": "346e94aa4a99378592c46d6a34c72703a32bd5be",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            },
            {
              "lessThan": "ab4a733874ead120691e8038272d22f8444d3638",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            },
            {
              "lessThan": "8d06006c7eb75587d986da46c48ba9274f94e8e7",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            },
            {
              "lessThan": "b583e6b25bf9321c91154f6c78d2173ef12c4241",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            },
            {
              "lessThan": "81225b2ea161af48e093f58e8dfee6d705b16af4",
              "status": "affected",
              "version": "2ad7bf3638411cb547f2823df08166c13ab04269",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ipvlan/ipvlan_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.19"
            },
            {
              "lessThan": "3.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.330",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.295",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.260",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.215",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.146",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.71",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.19.*",
              "status": "unaffected",
              "version": "5.19.12",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.330",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.295",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.260",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.215",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.146",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.71",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19.12",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0",
                  "versionStartIncluding": "3.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header\n\nIf an AF_PACKET socket is used to send packets through ipvlan and the\ndefault xmit function of the AF_PACKET socket is changed from\ndev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option\nname of PACKET_QDISC_BYPASS, the skb-\u003emac_header may not be reset and\nremains as the initial value of 65535, this may trigger slab-out-of-bounds\nbugs as following:\n\n=================================================================\nUG: KASAN: slab-out-of-bounds in ipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nPU: 2 PID: 1768 Comm: raw_send Kdump: loaded Not tainted 6.0.0-rc4+ #6\nardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33\nall Trace:\nprint_address_description.constprop.0+0x1d/0x160\nprint_report.cold+0x4f/0x112\nkasan_report+0xa3/0x130\nipvlan_xmit_mode_l2+0xdb/0x330 [ipvlan]\nipvlan_start_xmit+0x29/0xa0 [ipvlan]\n__dev_direct_xmit+0x2e2/0x380\npacket_direct_xmit+0x22/0x60\npacket_snd+0x7c9/0xc40\nsock_sendmsg+0x9a/0xa0\n__sys_sendto+0x18a/0x230\n__x64_sys_sendto+0x74/0x90\ndo_syscall_64+0x3b/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe root cause is:\n  1. packet_snd() only reset skb-\u003emac_header when sock-\u003etype is SOCK_RAW\n     and skb-\u003eprotocol is not specified as in packet_parse_headers()\n\n  2. packet_direct_xmit() doesn\u0027t reset skb-\u003emac_header as dev_queue_xmit()\n\nIn this case, skb-\u003emac_header is 65535 when ipvlan_xmit_mode_l2() is\ncalled. So when ipvlan_xmit_mode_l2() gets mac header with eth_hdr() which\nuse \"skb-\u003ehead + skb-\u003emac_header\", out-of-bound access occurs.\n\nThis patch replaces eth_hdr() with skb_eth_hdr() in ipvlan_xmit_mode_l2()\nand reset mac header in multicast to solve this out-of-bound bug."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:20:35.610Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e2b46cd5796f083e452fbc624f65b80328b0c1a4"
        },
        {
          "url": "https://git.kernel.org/stable/c/25efdbe5fe542c3063d1948cc4e98abcb57621ca"
        },
        {
          "url": "https://git.kernel.org/stable/c/bffcdade259c05ab3436b5fab711612093c275ef"
        },
        {
          "url": "https://git.kernel.org/stable/c/346e94aa4a99378592c46d6a34c72703a32bd5be"
        },
        {
          "url": "https://git.kernel.org/stable/c/ab4a733874ead120691e8038272d22f8444d3638"
        },
        {
          "url": "https://git.kernel.org/stable/c/8d06006c7eb75587d986da46c48ba9274f94e8e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/b583e6b25bf9321c91154f6c78d2173ef12c4241"
        },
        {
          "url": "https://git.kernel.org/stable/c/81225b2ea161af48e093f58e8dfee6d705b16af4"
        }
      ],
      "title": "ipvlan: Fix out-of-bound bugs caused by unset skb-\u003emac_header",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48651",
    "datePublished": "2024-04-28T13:00:42.929Z",
    "dateReserved": "2024-02-25T13:44:28.317Z",
    "dateUpdated": "2025-05-04T08:20:35.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-6546 (GCVE-0-2023-6546)

Vulnerability from cvelistv5 – Published: 2023-12-21 20:01 – Updated: 2026-02-18 17:14

Title

Kernel: gsm multiplexing race condition leads to privilege escalation

Summary

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.

Severity ?

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-366 - Race Condition within a Thread

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:0930	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:0937	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1018	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1019	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1055	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1250	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1253	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1306	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1607	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1612	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1614	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2093	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2394	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2621	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2697	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4577	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4729	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4731	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:4970	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-6546	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2255498	issue-trackingx_refsource_REDHAT
	https://github.com/torvalds/linux/commit/3c4f8333…
	https://www.zerodayinitiative.com/advisories/ZDI-…

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 8

Unaffected: 0:4.18.0-513.24.1.rt7.326.el8_9 , < * (rpm)
cpe:/a:redhat:enterprise_linux:8::realtime
cpe:/a:redhat:enterprise_linux:8::nfv

Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:4.18.0-513.24.1.el8_9 , < * (rpm) cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::crb
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8::baseos
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:4.18.0-193.136.1.el8_2 , < * (rpm) cpe:/o:redhat:rhel_aus:8.2::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm) cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_tus:8.4::baseos cpe:/o:redhat:rhel_e4s:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 0:4.18.0-305.134.1.rt7.210.el8_4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.4::nfv cpe:/a:redhat:rhel_tus:8.4::realtime
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm) cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_tus:8.4::baseos cpe:/o:redhat:rhel_e4s:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 0:4.18.0-305.134.1.el8_4 , < * (rpm) cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_tus:8.4::baseos cpe:/o:redhat:rhel_e4s:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	cpe:/o:redhat:rhel_e4s:8.4::baseos
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 0:4.18.0-372.93.1.el8_6 , < * (rpm) cpe:/o:redhat:rhev_hypervisor:4.4::el8 cpe:/a:redhat:rhel_eus:8.6::crb cpe:/o:redhat:rhel_eus:8.6::baseos
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	cpe:/o:redhat:rhel_eus:8.6::baseos
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 0:4.18.0-477.55.1.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::crb cpe:/o:redhat:rhel_eus:8.8::baseos
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	cpe:/o:redhat:rhel_eus:8.8::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::realtime cpe:/a:redhat:enterprise_linux:9::nfv cpe:/a:redhat:enterprise_linux:9::crb cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:5.14.0-427.13.1.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::realtime cpe:/a:redhat:enterprise_linux:9::nfv cpe:/a:redhat:enterprise_linux:9::crb cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.93.2.el9_0 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::appstream cpe:/o:redhat:rhel_eus:9.0::baseos cpe:/a:redhat:rhel_eus:9.0::crb
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:5.14.0-70.93.1.rt21.165.el9_0 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::realtime cpe:/a:redhat:rhel_eus:9.0::nfv
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	cpe:/o:redhat:rhel_eus:9.0::baseos
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:5.14.0-284.55.1.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_eus:9.2::crb cpe:/o:redhat:rhel_eus:9.2::baseos
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:5.14.0-284.55.1.rt14.340.el9_2 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::realtime cpe:/a:redhat:rhel_eus:9.2::nfv
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	cpe:/o:redhat:rhel_eus:9.2::baseos
Red Hat	Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	Unaffected: 0:4.18.0-372.93.1.el8_6 , < * (rpm) cpe:/o:redhat:rhev_hypervisor:4.4::el8 cpe:/a:redhat:rhel_eus:8.6::crb cpe:/o:redhat:rhel_eus:8.6::baseos
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.7.13-16 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.7.13-7 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v6.8.1-408 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.7.13-19 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v1.0.0-480 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.7.13-9 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v0.4.0-248 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v1.14.6-215 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v6.8.1-431 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v1.1.0-228 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.8.1-471 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v2.9.6-15 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.7.13-3 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.7.13-27 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v5.7.13-12 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v0.1.0-527 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v0.1.0-225 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	RHOL-5.7-RHEL-8	Unaffected: v0.28.1-57 , < * (rpm) cpe:/a:redhat:logging:5.7::el8
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 9	cpe:/o:redhat:enterprise_linux:9

Date Public ?

2023-12-21 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:35:14.746Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/10/18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/10/21"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/11/7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/11/9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/12/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/12/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/16/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/17/1"
          },
          {
            "name": "RHSA-2024:0930",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0930"
          },
          {
            "name": "RHSA-2024:0937",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0937"
          },
          {
            "name": "RHSA-2024:1018",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1018"
          },
          {
            "name": "RHSA-2024:1019",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1019"
          },
          {
            "name": "RHSA-2024:1055",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1055"
          },
          {
            "name": "RHSA-2024:1250",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1250"
          },
          {
            "name": "RHSA-2024:1253",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1253"
          },
          {
            "name": "RHSA-2024:1306",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1306"
          },
          {
            "name": "RHSA-2024:1607",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1607"
          },
          {
            "name": "RHSA-2024:1612",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1612"
          },
          {
            "name": "RHSA-2024:1614",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1614"
          },
          {
            "name": "RHSA-2024:2093",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2093"
          },
          {
            "name": "RHSA-2024:2394",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2394"
          },
          {
            "name": "RHSA-2024:2621",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2621"
          },
          {
            "name": "RHSA-2024:2697",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2697"
          },
          {
            "name": "RHSA-2024:4577",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4577"
          },
          {
            "name": "RHSA-2024:4729",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4729"
          },
          {
            "name": "RHSA-2024:4731",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4731"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-6546"
          },
          {
            "name": "RHBZ#2255498",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::realtime",
            "cpe:/a:redhat:enterprise_linux:8::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.24.1.rt7.326.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.24.1.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.136.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.134.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::nfv",
            "cpe:/a:redhat:rhel_tus:8.4::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.134.1.rt7.210.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.134.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.134.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.93.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::crb",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-477.55.1.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-427.13.1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-427.13.1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/o:redhat:rhel_eus:9.0::baseos",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.93.2.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::realtime",
            "cpe:/a:redhat:rhel_eus:9.0::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.93.1.rt21.165.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.55.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::realtime",
            "cpe:/a:redhat:rhel_eus:9.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.55.1.rt14.340.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.93.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-operator-bundle",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.7.13-16",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-rhel8-operator",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.7.13-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch6-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v6.8.1-408",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-operator-bundle",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.7.13-19",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-proxy-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.0.0-480",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-rhel8-operator",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.7.13-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/eventrouter-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.4.0-248",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/fluentd-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.14.6-215",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/kibana6-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v6.8.1-431",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/log-file-metric-exporter-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.1.0-228",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-curator5-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.1-471",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-loki-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v2.9.6-15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-view-plugin-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.7.13-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-operator-bundle",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.7.13-27",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-rhel8-operator",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.7.13-12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/lokistack-gateway-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-527",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/opa-openshift-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-225",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/vector-rhel8",
          "product": "RHOL-5.7-RHEL-8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.28.1-57",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-12-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-366",
              "description": "Race Condition within a Thread",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-18T17:14:39.905Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:0930",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0930"
        },
        {
          "name": "RHSA-2024:0937",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0937"
        },
        {
          "name": "RHSA-2024:1018",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1018"
        },
        {
          "name": "RHSA-2024:1019",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1019"
        },
        {
          "name": "RHSA-2024:1055",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1055"
        },
        {
          "name": "RHSA-2024:1250",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1250"
        },
        {
          "name": "RHSA-2024:1253",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1253"
        },
        {
          "name": "RHSA-2024:1306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1306"
        },
        {
          "name": "RHSA-2024:1607",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1607"
        },
        {
          "name": "RHSA-2024:1612",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1612"
        },
        {
          "name": "RHSA-2024:1614",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1614"
        },
        {
          "name": "RHSA-2024:2093",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2093"
        },
        {
          "name": "RHSA-2024:2394",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2394"
        },
        {
          "name": "RHSA-2024:2621",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2621"
        },
        {
          "name": "RHSA-2024:2697",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2697"
        },
        {
          "name": "RHSA-2024:4577",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4577"
        },
        {
          "name": "RHSA-2024:4729",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4729"
        },
        {
          "name": "RHSA-2024:4731",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4731"
        },
        {
          "name": "RHSA-2024:4970",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4970"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-6546"
        },
        {
          "name": "RHBZ#2255498",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255498"
        },
        {
          "url": "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-18T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-12-21T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Kernel: gsm multiplexing race condition leads to privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "This flaw can be mitigated by preventing the affected `n_gsm` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-366: Race Condition within a Thread"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-6546",
    "datePublished": "2023-12-21T20:01:03.217Z",
    "dateReserved": "2023-12-06T07:11:48.937Z",
    "dateUpdated": "2026-02-18T17:14:39.905Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-52502 (GCVE-0-2023-52502)

Vulnerability from cvelistv5 – Published: 2024-03-02 21:52 – Updated: 2025-05-04 07:38

Title

net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()

Summary

In the Linux kernel, the following vulnerability has been resolved: net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference on the socket found in a lookup while holding a lock should happen before releasing the lock. nfc_llcp_sock_get_sn() has a similar problem. Finally nfc_llcp_recv_snl() needs to make sure the socket found by nfc_llcp_sock_from_sn() does not disappear.

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H

CWE

CWE-noinfo Not enough information

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/e863f5720a5680e50…
	https://git.kernel.org/stable/c/7adcf014bda16cdbf…
	https://git.kernel.org/stable/c/6ac22ecdaad2ecc66…
	https://git.kernel.org/stable/c/d888d3f70b0de32b4…
	https://git.kernel.org/stable/c/e4f2611f07c87b3dd…
	https://git.kernel.org/stable/c/d1af8a39cf839d93c…
	https://git.kernel.org/stable/c/31c07dffafce914c1…

Impacted products

Vendor

Product

Version

Linux

Affected: 8f50020ed9b81ba909ce9573f9d05263cdebf502 , < e863f5720a5680e50c4cecf12424d7cc31b3eb0a (git)
Affected: 8f50020ed9b81ba909ce9573f9d05263cdebf502 , < 7adcf014bda16cdbf804af5c164d94d5d025db2d (git)
Affected: 8f50020ed9b81ba909ce9573f9d05263cdebf502 , < 6ac22ecdaad2ecc662048f8c6b0ceb1ca0699ef9 (git)
Affected: 8f50020ed9b81ba909ce9573f9d05263cdebf502 , < d888d3f70b0de32b4f51534175f039ddab15eef8 (git)
Affected: 8f50020ed9b81ba909ce9573f9d05263cdebf502 , < e4f2611f07c87b3ddb57c4b9e8efcd1e330fc3dc (git)
Affected: 8f50020ed9b81ba909ce9573f9d05263cdebf502 , < d1af8a39cf839d93c8967fdd858f6bbdc3e4a15c (git)
Affected: 8f50020ed9b81ba909ce9573f9d05263cdebf502 , < 31c07dffafce914c1d1543c135382a11ff058d93 (git)

Linux

Affected: 3.6
Unaffected: 0 , < 3.6 (semver)
Unaffected: 4.19.297 , ≤ 4.19.* (semver)
Unaffected: 5.4.259 , ≤ 5.4.* (semver)
Unaffected: 5.10.199 , ≤ 5.10.* (semver)
Unaffected: 5.15.136 , ≤ 5.15.* (semver)
Unaffected: 6.1.59 , ≤ 6.1.* (semver)
Unaffected: 6.5.8 , ≤ 6.5.* (semver)
Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 6.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-52502",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-05T20:30:02.589366Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-05T14:59:47.087Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:20.409Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e863f5720a5680e50c4cecf12424d7cc31b3eb0a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7adcf014bda16cdbf804af5c164d94d5d025db2d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6ac22ecdaad2ecc662048f8c6b0ceb1ca0699ef9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d888d3f70b0de32b4f51534175f039ddab15eef8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e4f2611f07c87b3ddb57c4b9e8efcd1e330fc3dc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d1af8a39cf839d93c8967fdd858f6bbdc3e4a15c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/31c07dffafce914c1d1543c135382a11ff058d93"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/llcp_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e863f5720a5680e50c4cecf12424d7cc31b3eb0a",
              "status": "affected",
              "version": "8f50020ed9b81ba909ce9573f9d05263cdebf502",
              "versionType": "git"
            },
            {
              "lessThan": "7adcf014bda16cdbf804af5c164d94d5d025db2d",
              "status": "affected",
              "version": "8f50020ed9b81ba909ce9573f9d05263cdebf502",
              "versionType": "git"
            },
            {
              "lessThan": "6ac22ecdaad2ecc662048f8c6b0ceb1ca0699ef9",
              "status": "affected",
              "version": "8f50020ed9b81ba909ce9573f9d05263cdebf502",
              "versionType": "git"
            },
            {
              "lessThan": "d888d3f70b0de32b4f51534175f039ddab15eef8",
              "status": "affected",
              "version": "8f50020ed9b81ba909ce9573f9d05263cdebf502",
              "versionType": "git"
            },
            {
              "lessThan": "e4f2611f07c87b3ddb57c4b9e8efcd1e330fc3dc",
              "status": "affected",
              "version": "8f50020ed9b81ba909ce9573f9d05263cdebf502",
              "versionType": "git"
            },
            {
              "lessThan": "d1af8a39cf839d93c8967fdd858f6bbdc3e4a15c",
              "status": "affected",
              "version": "8f50020ed9b81ba909ce9573f9d05263cdebf502",
              "versionType": "git"
            },
            {
              "lessThan": "31c07dffafce914c1d1543c135382a11ff058d93",
              "status": "affected",
              "version": "8f50020ed9b81ba909ce9573f9d05263cdebf502",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/llcp_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.6"
            },
            {
              "lessThan": "3.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.297",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.259",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.199",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.136",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.59",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.297",
                  "versionStartIncluding": "3.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.259",
                  "versionStartIncluding": "3.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.199",
                  "versionStartIncluding": "3.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.136",
                  "versionStartIncluding": "3.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.59",
                  "versionStartIncluding": "3.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.8",
                  "versionStartIncluding": "3.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "3.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()\n\nSili Luo reported a race in nfc_llcp_sock_get(), leading to UAF.\n\nGetting a reference on the socket found in a lookup while\nholding a lock should happen before releasing the lock.\n\nnfc_llcp_sock_get_sn() has a similar problem.\n\nFinally nfc_llcp_recv_snl() needs to make sure the socket\nfound by nfc_llcp_sock_from_sn() does not disappear."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:38:07.231Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e863f5720a5680e50c4cecf12424d7cc31b3eb0a"
        },
        {
          "url": "https://git.kernel.org/stable/c/7adcf014bda16cdbf804af5c164d94d5d025db2d"
        },
        {
          "url": "https://git.kernel.org/stable/c/6ac22ecdaad2ecc662048f8c6b0ceb1ca0699ef9"
        },
        {
          "url": "https://git.kernel.org/stable/c/d888d3f70b0de32b4f51534175f039ddab15eef8"
        },
        {
          "url": "https://git.kernel.org/stable/c/e4f2611f07c87b3ddb57c4b9e8efcd1e330fc3dc"
        },
        {
          "url": "https://git.kernel.org/stable/c/d1af8a39cf839d93c8967fdd858f6bbdc3e4a15c"
        },
        {
          "url": "https://git.kernel.org/stable/c/31c07dffafce914c1d1543c135382a11ff058d93"
        }
      ],
      "title": "net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52502",
    "datePublished": "2024-03-02T21:52:17.218Z",
    "dateReserved": "2024-02-20T12:30:33.313Z",
    "dateUpdated": "2025-05-04T07:38:07.231Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-26610 (GCVE-0-2024-26610)

Vulnerability from cvelistv5 – Published: 2024-02-29 15:52 – Updated: 2025-05-04 08:52

Title

wifi: iwlwifi: fix a memory corruption

Summary

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in bytes, we'll write past the buffer.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/05dd9facfb9a1e056…
	https://git.kernel.org/stable/c/99a23462fe1a6f709…
	https://git.kernel.org/stable/c/aa2cc9363926991ba…
	https://git.kernel.org/stable/c/870171899d75d43e3…
	https://git.kernel.org/stable/c/f32a81999d0b8e5ce…
	https://git.kernel.org/stable/c/cf4a0d840ecc72fcf…

Impacted products

Vendor

Product

Version

Linux

Affected: cf29c5b66b9f83939367d90679eb68cdfa2f0356 , < 05dd9facfb9a1e056752c0901c6e86416037d15a (git)
Affected: cf29c5b66b9f83939367d90679eb68cdfa2f0356 , < 99a23462fe1a6f709f0fda3ebbe8b6b193ac75bd (git)
Affected: cf29c5b66b9f83939367d90679eb68cdfa2f0356 , < aa2cc9363926991ba74411e3aa0a0ea82c1ffe32 (git)
Affected: cf29c5b66b9f83939367d90679eb68cdfa2f0356 , < 870171899d75d43e3d14360f3a4850e90a9c289b (git)
Affected: cf29c5b66b9f83939367d90679eb68cdfa2f0356 , < f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67 (git)
Affected: cf29c5b66b9f83939367d90679eb68cdfa2f0356 , < cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d (git)

Linux

Affected: 5.5
Unaffected: 0 , < 5.5 (semver)
Unaffected: 5.10.210 , ≤ 5.10.* (semver)
Unaffected: 5.15.149 , ≤ 5.15.* (semver)
Unaffected: 6.1.76 , ≤ 6.1.* (semver)
Unaffected: 6.6.15 , ≤ 6.6.* (semver)
Unaffected: 6.7.3 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-26610",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-12T18:22:31.931608Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:49:28.637Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:07:19.572Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/05dd9facfb9a1e056752c0901c6e86416037d15a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/99a23462fe1a6f709f0fda3ebbe8b6b193ac75bd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aa2cc9363926991ba74411e3aa0a0ea82c1ffe32"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/870171899d75d43e3d14360f3a4850e90a9c289b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "05dd9facfb9a1e056752c0901c6e86416037d15a",
              "status": "affected",
              "version": "cf29c5b66b9f83939367d90679eb68cdfa2f0356",
              "versionType": "git"
            },
            {
              "lessThan": "99a23462fe1a6f709f0fda3ebbe8b6b193ac75bd",
              "status": "affected",
              "version": "cf29c5b66b9f83939367d90679eb68cdfa2f0356",
              "versionType": "git"
            },
            {
              "lessThan": "aa2cc9363926991ba74411e3aa0a0ea82c1ffe32",
              "status": "affected",
              "version": "cf29c5b66b9f83939367d90679eb68cdfa2f0356",
              "versionType": "git"
            },
            {
              "lessThan": "870171899d75d43e3d14360f3a4850e90a9c289b",
              "status": "affected",
              "version": "cf29c5b66b9f83939367d90679eb68cdfa2f0356",
              "versionType": "git"
            },
            {
              "lessThan": "f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67",
              "status": "affected",
              "version": "cf29c5b66b9f83939367d90679eb68cdfa2f0356",
              "versionType": "git"
            },
            {
              "lessThan": "cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d",
              "status": "affected",
              "version": "cf29c5b66b9f83939367d90679eb68cdfa2f0356",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "lessThan": "5.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.210",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.149",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.76",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.210",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.149",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.76",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.15",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.3",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: fix a memory corruption\n\niwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that\nif we copy to iwl_fw_ini_trigger_tlv::data + offset while offset is in\nbytes, we\u0027ll write past the buffer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T08:52:16.227Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/05dd9facfb9a1e056752c0901c6e86416037d15a"
        },
        {
          "url": "https://git.kernel.org/stable/c/99a23462fe1a6f709f0fda3ebbe8b6b193ac75bd"
        },
        {
          "url": "https://git.kernel.org/stable/c/aa2cc9363926991ba74411e3aa0a0ea82c1ffe32"
        },
        {
          "url": "https://git.kernel.org/stable/c/870171899d75d43e3d14360f3a4850e90a9c289b"
        },
        {
          "url": "https://git.kernel.org/stable/c/f32a81999d0b8e5ce60afb5f6a3dd7241c17dd67"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf4a0d840ecc72fcf16198d5e9c505ab7d5a5e4d"
        }
      ],
      "title": "wifi: iwlwifi: fix a memory corruption",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-26610",
    "datePublished": "2024-02-29T15:52:15.796Z",
    "dateReserved": "2024-02-19T14:20:24.130Z",
    "dateUpdated": "2025-05-04T08:52:16.227Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2024:1731-1

CVE-2022-48651 (GCVE-0-2022-48651)

CVE-2023-6546 (GCVE-0-2023-6546)

CVE-2023-52502 (GCVE-0-2023-52502)

CVE-2024-26610 (GCVE-0-2024-26610)

Tags

Sightings

Nomenclature