CVE-2023-2166

CVSS v3.1 5.5 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 13

A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2023-04-19 23:15:07
(17 months ago)
Updated Date: 2023-11-07 04:12:05
(10 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	Up To
Linux Kernel prior 6.1 version	cpe:2.3:o:linux:linux_kernel	< 6.1
Linux Kernel 6.1	cpe:2.3:o:linux:linux_kernel:6.1:-
Linux Kernel 6.1 Rc1	cpe:2.3:o:linux:linux_kernel:6.1:rc1
Linux Kernel 6.1 Rc2	cpe:2.3:o:linux:linux_kernel:6.1:rc2
Linux Kernel 6.1 Rc3	cpe:2.3:o:linux:linux_kernel:6.1:rc3
Linux Kernel 6.1 Rc4	cpe:2.3:o:linux:linux_kernel:6.1:rc4
Linux Kernel 6.1 Rc5	cpe:2.3:o:linux:linux_kernel:6.1:rc5
Linux Kernel 6.1 Rc6	cpe:2.3:o:linux:linux_kernel:6.1:rc6
Linux Kernel 6.1 Rc7	cpe:2.3:o:linux:linux_kernel:6.1:rc7
Linux Kernel 6.1 Rc8	cpe:2.3:o:linux:linux_kernel:6.1:rc8