CVE-2023-6535
Kernel: null pointer dereference in nvmet_tcp_execute_request
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva al controlador NVMe a una desreferencia del puntero NULL en el controlador NVMe, lo que provoca pánico en el kernel y una denegación de servicio.
*Credits:
Red Hat would like to thank Alon Zahavi for reporting this issue.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-12-05 CVE Reserved
- 2024-02-07 CVE Published
- 2024-09-14 EPSS Updated
- 2024-11-15 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-476: NULL Pointer Dereference
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html |
|
|
| https://security.netapp.com/advisory/ntap-20240415-0003 |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:0723 | 2024-07-08 | |
| https://access.redhat.com/errata/RHSA-2024:0724 | 2024-07-08 | |
| https://access.redhat.com/errata/RHSA-2024:0725 | 2024-07-08 | |
| https://access.redhat.com/errata/RHSA-2024:0881 | 2024-07-08 | |
| https://access.redhat.com/errata/RHSA-2024:0897 | 2024-07-08 | |
| https://access.redhat.com/errata/RHSA-2024:1248 | 2024-07-08 | |
| https://access.redhat.com/errata/RHSA-2024:2094 | 2024-07-08 | |
| https://access.redhat.com/errata/RHSA-2024:3810 | 2024-07-08 | |
| https://access.redhat.com/security/cve/CVE-2023-6535 | 2024-06-11 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2254053 | 2024-06-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Redhat Search vendor "Redhat" | Virtualization Host Search vendor "Redhat" for product "Virtualization Host" | 4.0 Search vendor "Redhat" for product "Virtualization Host" and version "4.0" | - |
Affected
| in | Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Safe
|
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | - | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Codeready Linux Builder Eus Search vendor "Redhat" for product "Codeready Linux Builder Eus" | 8.6 Search vendor "Redhat" for product "Codeready Linux Builder Eus" and version "8.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Codeready Linux Builder Eus Search vendor "Redhat" for product "Codeready Linux Builder Eus" | 9.2 Search vendor "Redhat" for product "Codeready Linux Builder Eus" and version "9.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Codeready Linux Builder Eus For Power Little Endian Eus Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus" | 8.6_ppc64le Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus" and version "8.6_ppc64le" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Codeready Linux Builder Eus For Power Little Endian Eus Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus" | 9.2_ppc64le Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus" and version "9.2_ppc64le" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Codeready Linux Builder For Arm64 Eus Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus" | 8.6_aarch64 Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus" and version "8.6_aarch64" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Codeready Linux Builder For Arm64 Eus Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus" | 9.2_aarch64 Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus" and version "9.2_aarch64" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Codeready Linux Builder For Ibm Z Systems Eus Search vendor "Redhat" for product "Codeready Linux Builder For Ibm Z Systems Eus" | 9.2_s390x Search vendor "Redhat" for product "Codeready Linux Builder For Ibm Z Systems Eus" and version "9.2_s390x" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 8.0 Search vendor "Redhat" for product "Enterprise Linux" and version "8.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Search vendor "Redhat" for product "Enterprise Linux" | 9.0 Search vendor "Redhat" for product "Enterprise Linux" and version "9.0" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus" | 8.6 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Eus Search vendor "Redhat" for product "Enterprise Linux Eus" | 9.2 Search vendor "Redhat" for product "Enterprise Linux Eus" and version "9.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Arm 64 Eus Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" | 8.6_aarch64 Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" and version "8.6_aarch64" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Arm 64 Eus Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" | 9.2_aarch64 Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" and version "9.2_aarch64" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" | 8.6_s390x Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.6_s390x" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Ibm Z Systems Eus Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" | 9.2_s390x Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "9.2_s390x" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" | 8.6_ppc64le Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.6_ppc64le" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Power Little Endian Eus Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" | 9.2_ppc64le Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "9.2_ppc64le" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Real Time Search vendor "Redhat" for product "Enterprise Linux For Real Time" | 9.2 Search vendor "Redhat" for product "Enterprise Linux For Real Time" and version "9.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux For Real Time For Nfv Search vendor "Redhat" for product "Enterprise Linux For Real Time For Nfv" | 9.2 Search vendor "Redhat" for product "Enterprise Linux For Real Time For Nfv" and version "9.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus" | 8.6 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "8.6" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Aus Search vendor "Redhat" for product "Enterprise Linux Server Aus" | 9.2 Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "9.2" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" | 8.6_ppc64le Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" and version "8.6_ppc64le" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" | 9.2_ppc64le Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" and version "9.2_ppc64le" | - |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Enterprise Linux Server Tus Search vendor "Redhat" for product "Enterprise Linux Server Tus" | 8.6 Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "8.6" | - |
Affected
| ||||||