PT-2023-5673 · Linux+10 · Linux Kernel+10

Lucas Leong

Publicado

2023-08-28

Atualizado

2024-12-19

CVE-2023-39193

CVSS v2.0

6.2

Média

Vetor

AV:L/AC:L/Au:S/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)

Description A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp mt check did not validate the flag count field. This flaw allows a local privileged (CAP NET ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALSA-2024:2394

ALSA-2024:2950

ALSA-2024:3138

ALT-PU-2023-7004

ALT-PU-2023-7185

ALT-PU-2023-7787

ALT-PU-2023-7838

ALT-PU-2024-14046

ALT-PU-2024-6818

AZL-31270

BDU:2023-06340

CESA-2024_2950

CESA-2024_3138

CVE-2023-39193

DLA-3710-1

INFSA-2024_2394

INFSA-2024_2950

INFSA-2024_3138

OESA-2023-1759

OESA-2023-1760

OESA-2023-1781

OESA-2023-1782

OESA-2023-1783

OPENSUSE-SU-2023_4035-1

OPENSUSE-SU-2023_4057-1

OPENSUSE-SU-2023_4058-1

OPENSUSE-SU-2023_4071-1

OPENSUSE-SU-2023_4072-1

OPENSUSE-SU-2023_4072-2

OPENSUSE-SU-2023_4343-1

OPENSUSE-SU-2023_4345-1

OPENSUSE-SU-2023_4347-1

OPENSUSE-SU-2023_4348-1

OPENSUSE-SU-2023_4375-1

OPENSUSE-SU-2023_4378-1

OPENSUSE-SU-2023_4414-1

OPENSUSE-SU-2024:13305-1

OPENSUSE-SU-2024:13704-1

RHSA-2024:2394

RHSA-2024:2950

RHSA-2024:3138

RHSA-2024_2394

RHSA-2024_2950

RHSA-2024_3138

RLSA-2024:2950

RLSA-2024:3138

SUSE-SU-2023:4031-1

SUSE-SU-2023:4032-1

SUSE-SU-2023:4033-1

SUSE-SU-2023:4035-1

SUSE-SU-2023:4057-1

SUSE-SU-2023:4058-1

SUSE-SU-2023:4071-1

SUSE-SU-2023:4072-1

SUSE-SU-2023:4072-2

SUSE-SU-2023:4093-1

SUSE-SU-2023:4343-1

SUSE-SU-2023:4345-1

SUSE-SU-2023:4347-1

SUSE-SU-2023:4348-1

SUSE-SU-2023:4358-1

SUSE-SU-2023:4375-1

SUSE-SU-2023:4377-1

SUSE-SU-2023:4378-1

SUSE-SU-2023:4414-1

SUSE-SU-2024:0112-1

USN-6494-1

USN-6494-2

USN-6532-1

USN-6534-1

USN-6534-2

USN-6534-3

USN-6548-1

USN-6548-2

USN-6548-3

USN-6548-4

USN-6548-5

USN-6549-1

USN-6549-2

USN-6549-3

USN-6549-4

USN-6549-5

USN-6635-1

ZDI-23-1491

Produtos afetados

Alt Linux

Almalinux

Astra Linux

Centos

Linux Kernel

Linuxmint

Red Hat

Red Os

Rocky Linux

Suse

Ubuntu

PT-2023-5673 · Linux+10 · Linux Kernel+10

CVE-2023-39193

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 790