CVE-2023-2156

CVSS v3.1 7.5 (High)

EPSS 2.11 % (89^th)

Affected Products 4

Advisories 48

A flaw was found in the networking subsystem of the Linux kernel within the handling of the RPL protocol. This issue results from the lack of proper handling of user-supplied data, which can lead to an assertion failure. This may allow an unauthenticated remote attacker to create a denial of service condition on the system.

Weaknesses

CWE-617: Reachable Assertion

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2023-05-09 22:15:10
(16 months ago)
Updated Date: 2024-02-03 02:34:33
(7 months ago)

Affected Products

Configuration #1

	CPE23	From	Up To
Linux Kernel from 5.7 version and prior 5.10.184 version	cpe:2.3:o:linux:linux_kernel	>= 5.7	< 5.10.184
Linux Kernel from 5.11 version and prior 5.15.117 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.117
Linux Kernel from 5.16 version and prior 6.1.34 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.34
Linux Kernel from 6.2 version and prior 6.2.13 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.2.13
Linux Kernel from 6.3 version and prior 6.3.8 version	cpe:2.3:o:linux:linux_kernel	>= 6.3	< 6.3.8

Configuration #2

		CPE23	From	Up To
	Redhat Enterprise Linux 9.0	cpe:2.3:o:redhat:enterprise_linux:9.0

Configuration #3

		CPE23	From	Up To
	Fedoraproject Fedora 38	cpe:2.3:o:fedoraproject:fedora:38

Configuration #4

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0

Weaknesses

Affected Products

Debian

Fedoraproject

Linux

Redhat

Configuration #1

Configuration #2

Configuration #3

Configuration #4