CVE-2023-3212

CVSS v3.1 4.4 (Medium)

EPSS 0.04 % (5^th)

Affected Products 14

Advisories 30

A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure after it has been freed and set to NULL. A privileged local user could use this flaw to cause a kernel panic.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
CNA: Red Hat, Inc.
Published Date: 2023-06-23 20:15:09
(15 months ago)
Updated Date: 2024-01-11 19:15:10
(8 months ago)

Affected Products

Netapp

Redhat

Enterprise Linux

Configuration #1

		CPE23	From	Up To
	Linux Kernel prior 6.4 version	cpe:2.3:o:linux:linux_kernel		< 6.4
	Linux Kernel 6.4 Rc1	cpe:2.3:o:linux:linux_kernel:6.4:rc1

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 38	cpe:2.3:o:fedoraproject:fedora:38

Configuration #3

		CPE23	From	Up To
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0
	Redhat Enterprise Linux 9.0	cpe:2.3:o:redhat:enterprise_linux:9.0

Configuration #4

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0
	Debian Linux 11.0	cpe:2.3:o:debian:debian_linux:11.0
	Debian Linux 12.0	cpe:2.3:o:debian:debian_linux:12.0

Configuration #5

AND

		CPE23
OR
	Netapp H300s Firmware	cpe:2.3:o:netapp:h300s_firmware:-
OR
	Running on/with
	Netapp H300s	cpe:2.3:h:netapp:h300s:-

Configuration #6

AND

		CPE23
OR
	Netapp H500s Firmware	cpe:2.3:o:netapp:h500s_firmware:-
OR
	Running on/with
	Netapp H500s	cpe:2.3:h:netapp:h500s:-

Configuration #7

AND

		CPE23
OR
	Netapp H700s Firmware	cpe:2.3:o:netapp:h700s_firmware:-
OR
	Running on/with
	Netapp H700s	cpe:2.3:h:netapp:h700s:-

Configuration #8

AND

		CPE23
OR
	Netapp H410s Firmware	cpe:2.3:o:netapp:h410s_firmware:-
OR
	Running on/with
	Netapp H410s	cpe:2.3:h:netapp:h410s:-

Configuration #9

AND

		CPE23
OR
	Netapp H410c Firmware	cpe:2.3:o:netapp:h410c_firmware:-
OR
	Running on/with
	Netapp H410c	cpe:2.3:h:netapp:h410c:-