CVE-2023-6121

CVSS v3.1 4.3 (Medium)

EPSS 0.18 % (56^th)

Affected Products 1

Advisories 39

NVD Status Modified

An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).

Weaknesses

CWE-125: Out-of-bounds Read

CVE Status: PUBLISHED
NVD Status: Modified
CNA: Red Hat, Inc.
Published Date: 2023-11-16 15:15:11
(10 months ago)
Updated Date: 2024-09-14 00:15:12
(2 days ago)

Affected Products

Redhat

Enterprise Linux

Configuration #1

		CPE23	From	Up To
	Redhat Enterprise Linux 6.0	cpe:2.3:o:redhat:enterprise_linux:6.0
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0
	Redhat Enterprise Linux 9.0	cpe:2.3:o:redhat:enterprise_linux:9.0