Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-6535

Опубликовано: 07 фев. 2024
Источник: debian

Описание

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed6.6.15-1package
linuxfixed6.1.76-1bookwormpackage
linuxfixed5.10.209-1bullseyepackage

Примечания

  • https://bugzilla.redhat.com/show_bug.cgi?id=2254053

  • https://git.kernel.org/linus/efa56305908ba20de2104f1b8508c6a7401833be (6.8-rc1)

  • https://git.kernel.org/linus/0849a5441358cef02586fb2d60f707c0db195628 (6.8-rc1)

  • https://git.kernel.org/linus/9a1abc24850eb759e36a2f8869161c3b7254c904 (6.8-rc1)

Связанные уязвимости

ubuntu логотип

CVE-2023-6535

CVSS3: 6.5
ubuntu
больше 1 года назад

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

redhat логотип

CVE-2023-6535

CVSS3: 6.5
redhat
больше 1 года назад

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

nvd логотип

CVE-2023-6535

CVSS3: 6.5
nvd
больше 1 года назад

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

github логотип

GHSA-v8xr-j3gp-fmxj

CVSS3: 6.5
github
больше 1 года назад

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

fstec логотип

BDU:2023-09025

CVSS3: 7.5
fstec
больше 1 года назад

Уязвимость функции nvmet_tcp_execute_request() в модуле drivers/nvme/target/tcp.c драйвера NVMe ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании