// For flags

CVE-2023-6536

Kernel: null pointer dereference in __nvmet_req_complete

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Se encontró una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado envíe un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva al controlador NVMe a una desreferencia del puntero NULL en el controlador NVMe, lo que provoca pánico en el kernel y una denegación de servicio.

*Credits: Red Hat would like to thank Alon Zahavi for reporting this issue.
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2023-12-05 CVE Reserved
  • 2024-02-07 CVE Published
  • 2024-09-14 EPSS Updated
  • 2024-11-15 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-476: NULL Pointer Dereference
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Redhat
Search vendor "Redhat"
Virtualization Host
Search vendor "Redhat" for product "Virtualization Host"
4.0
Search vendor "Redhat" for product "Virtualization Host" and version "4.0"
-
Affected
in Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
8.0
Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"
-
Safe
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
--
Affected
Redhat
Search vendor "Redhat"
Codeready Linux Builder Eus
Search vendor "Redhat" for product "Codeready Linux Builder Eus"
8.6
Search vendor "Redhat" for product "Codeready Linux Builder Eus" and version "8.6"
-
Affected
Redhat
Search vendor "Redhat"
Codeready Linux Builder Eus
Search vendor "Redhat" for product "Codeready Linux Builder Eus"
9.2
Search vendor "Redhat" for product "Codeready Linux Builder Eus" and version "9.2"
-
Affected
Redhat
Search vendor "Redhat"
Codeready Linux Builder Eus For Power Little Endian Eus
Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus"
8.6_ppc64le
Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus" and version "8.6_ppc64le"
-
Affected
Redhat
Search vendor "Redhat"
Codeready Linux Builder Eus For Power Little Endian Eus
Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus"
9.2_ppc64le
Search vendor "Redhat" for product "Codeready Linux Builder Eus For Power Little Endian Eus" and version "9.2_ppc64le"
-
Affected
Redhat
Search vendor "Redhat"
Codeready Linux Builder For Arm64 Eus
Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus"
8.6_aarch64
Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus" and version "8.6_aarch64"
-
Affected
Redhat
Search vendor "Redhat"
Codeready Linux Builder For Arm64 Eus
Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus"
9.2_aarch64
Search vendor "Redhat" for product "Codeready Linux Builder For Arm64 Eus" and version "9.2_aarch64"
-
Affected
Redhat
Search vendor "Redhat"
Codeready Linux Builder For Ibm Z Systems Eus
Search vendor "Redhat" for product "Codeready Linux Builder For Ibm Z Systems Eus"
9.2_s390x
Search vendor "Redhat" for product "Codeready Linux Builder For Ibm Z Systems Eus" and version "9.2_s390x"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
8.0
Search vendor "Redhat" for product "Enterprise Linux" and version "8.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux
Search vendor "Redhat" for product "Enterprise Linux"
9.0
Search vendor "Redhat" for product "Enterprise Linux" and version "9.0"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Eus
Search vendor "Redhat" for product "Enterprise Linux Eus"
8.6
Search vendor "Redhat" for product "Enterprise Linux Eus" and version "8.6"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Eus
Search vendor "Redhat" for product "Enterprise Linux Eus"
9.2
Search vendor "Redhat" for product "Enterprise Linux Eus" and version "9.2"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Arm 64 Eus
Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus"
8.6_aarch64
Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" and version "8.6_aarch64"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Arm 64 Eus
Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus"
9.2_aarch64
Search vendor "Redhat" for product "Enterprise Linux For Arm 64 Eus" and version "9.2_aarch64"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Ibm Z Systems Eus
Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"
8.6_s390x
Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "8.6_s390x"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Ibm Z Systems Eus
Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus"
9.2_s390x
Search vendor "Redhat" for product "Enterprise Linux For Ibm Z Systems Eus" and version "9.2_s390x"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Power Little Endian Eus
Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"
8.6_ppc64le
Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "8.6_ppc64le"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Power Little Endian Eus
Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus"
9.2_ppc64le
Search vendor "Redhat" for product "Enterprise Linux For Power Little Endian Eus" and version "9.2_ppc64le"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Real Time
Search vendor "Redhat" for product "Enterprise Linux For Real Time"
9.2
Search vendor "Redhat" for product "Enterprise Linux For Real Time" and version "9.2"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux For Real Time For Nfv
Search vendor "Redhat" for product "Enterprise Linux For Real Time For Nfv"
9.2
Search vendor "Redhat" for product "Enterprise Linux For Real Time For Nfv" and version "9.2"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Server Aus
Search vendor "Redhat" for product "Enterprise Linux Server Aus"
8.6
Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "8.6"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Server Aus
Search vendor "Redhat" for product "Enterprise Linux Server Aus"
9.2
Search vendor "Redhat" for product "Enterprise Linux Server Aus" and version "9.2"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions"
8.6_ppc64le
Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" and version "8.6_ppc64le"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions"
9.2_ppc64le
Search vendor "Redhat" for product "Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions" and version "9.2_ppc64le"
-
Affected
Redhat
Search vendor "Redhat"
Enterprise Linux Server Tus
Search vendor "Redhat" for product "Enterprise Linux Server Tus"
8.6
Search vendor "Redhat" for product "Enterprise Linux Server Tus" and version "8.6"
-
Affected