CVE-2023-6356

CVSS v3.1 7.5 (High)

EPSS 0.11 % (45^th)

Affected Products 18

Advisories 39

NVD Status Modified

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.

Weaknesses

CWE-476: NULL Pointer Dereference

CVE Status: PUBLISHED
NVD Status: Modified
CNA: Red Hat, Inc.
Published Date: 2024-02-07 21:15:08
(7 months ago)
Updated Date: 2024-09-14 00:15:12
(2 days ago)

Affected Products

Debian

Debian Linux

Linux

Linux Kernel

Redhat

Configuration #1

		CPE23	From	Up To
	Redhat Codeready Linux Builder Eus 8.6	cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6
	Redhat Codeready Linux Builder Eus 9.2	cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2
	Redhat Codeready Linux Builder Eus for Power Little Endian Eus 8.6 Ppc64le	cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:8.6_ppc64le
	Redhat Codeready Linux Builder Eus for Power Little Endian Eus 9.2 Ppc64le	cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le
	Redhat Codeready Linux Builder for Arm64 Eus 8.6 Aarch64	cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64
	Redhat Codeready Linux Builder for Arm64 Eus 9.2 Aarch64	cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64
	Redhat Codeready Linux Builder for Ibm Z Systems Eus 9.2 S390x	cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0
	Redhat Enterprise Linux 9.0	cpe:2.3:o:redhat:enterprise_linux:9.0
	Redhat Enterprise Linux Eus 8.6	cpe:2.3:o:redhat:enterprise_linux_eus:8.6
	Redhat Enterprise Linux Eus 9.2	cpe:2.3:o:redhat:enterprise_linux_eus:9.2
	Redhat Enterprise Linux for Arm 64 Eus 8.6 Aarch64	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64
	Redhat Enterprise Linux for Arm 64 Eus 9.2 Aarch64	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64
	Redhat Enterprise Linux for Ibm Z Systems Eus 8.6 S390x	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x
	Redhat Enterprise Linux for Ibm Z Systems Eus 9.2 S390x	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x
	Redhat Enterprise Linux for Power Little Endian Eus 8.6 Ppc64le	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le
	Redhat Enterprise Linux for Power Little Endian Eus 9.2 Ppc64le	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le
	Redhat Enterprise Linux for Real Time 9.2	cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.2
	Redhat Enterprise Linux for Real Time For Nfv 9.2	cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.2
	Redhat Enterprise Linux Server Aus 8.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6
	Redhat Enterprise Linux Server Aus 9.2	cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2
	Redhat Enterprise Linux Server for Power Little Endian Update Services For Sap Solutions 8.6 Ppc64le	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le
	Redhat Enterprise Linux Server for Power Little Endian Update Services For Sap Solutions 9.2 Ppc64le	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le
	Redhat Enterprise Linux Server Tus 8.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6

Configuration #2

AND

		CPE23
OR
	Redhat Virtualization Host 4.0	cpe:2.3:a:redhat:virtualization_host:4.0
OR
	Running on/with
	Redhat Enterprise Linux 8.0	cpe:2.3:o:redhat:enterprise_linux:8.0

Configuration #3

	CPE23	From	Up To
Linux Kernel from 5.0 version and prior 5.4.268 version	cpe:2.3:o:linux:linux_kernel	>= 5.0	< 5.4.268
Linux Kernel from 5.5 version and prior 5.10.209 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.209
Linux Kernel from 5.11 version and prior 5.15.148 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.148
Linux Kernel from 5.16 version and prior 6.1.75 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.75
Linux Kernel from 6.2 version and prior 6.6.14 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.6.14
Linux Kernel from 6.7 version and prior 6.7.2 version	cpe:2.3:o:linux:linux_kernel	>= 6.7	< 6.7.2

Configuration #4

		CPE23	From	Up To
	Debian Linux 10.0	cpe:2.3:o:debian:debian_linux:10.0