Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-6176

Опубликовано: 12 сент. 2023
Источник: redhat
CVSS3: 4.7
EPSS Низкий

Описание

A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2024:295022.05.2024
Red Hat Enterprise Linux 8kernelFixedRHSA-2024:313822.05.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:239430.04.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2024:239430.04.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
https://bugzilla.redhat.com/show_bug.cgi?id=2219359kernel: local dos vulnerability in scatterwalk_copychunks

EPSS

Процентиль: 1%
0.0001
Низкий

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-6176

CVSS3: 4.7
ubuntu
больше 1 года назад

A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.

nvd логотип

CVE-2023-6176

CVSS3: 4.7
nvd
больше 1 года назад

A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.

debian логотип

CVE-2023-6176

CVSS3: 4.7
debian
больше 1 года назад

A null pointer dereference flaw was found in the Linux kernel API for ...

github логотип

GHSA-fq9v-vwjc-pv76

CVSS3: 4.4
github
больше 1 года назад

A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.

fstec логотип

BDU:2023-08129

CVSS3: 4.7
fstec
почти 2 года назад

Уязвимость функции scatterwalk_copychunks() в модуле net/tls/tls_sw.c криптографической подсистемы ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

EPSS

Процентиль: 1%
0.0001
Низкий

4.7 Medium

CVSS3