PT-2023-6957 · Linux+5 · Linux Kernel+5

Mauro Matteo Cascella

·

Published

2023-06-26

·

Updated

2025-11-19

·

CVE-2023-39197

CVSS v2.0

7.8

High

VectorAV:N/AC:L/Au:N/C:C/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to an out-of-bounds read vulnerability in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. The vulnerability is associated with the function nf conntrack dccp packet() in the module net/netfilter/nf conntrack proto dccp.c.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2023-8472
BDU:2023-07976
CVE-2023-39197
OESA-2023-1858
OESA-2023-1859
OESA-2023-1860
OESA-2023-1861
OESA-2023-1862
OPENSUSE-SU-2023_4730-1
OPENSUSE-SU-2023_4731-1
OPENSUSE-SU-2023_4732-1
OPENSUSE-SU-2023_4734-1
OPENSUSE-SU-2023_4782-1
OPENSUSE-SU-2023_4882-1
SUSE-SU-2023:4730-1
SUSE-SU-2023:4731-1
SUSE-SU-2023:4732-1
SUSE-SU-2023:4733-1
SUSE-SU-2023:4734-1
SUSE-SU-2023:4735-1
SUSE-SU-2023:4782-1
SUSE-SU-2023:4783-1
SUSE-SU-2023:4784-1
SUSE-SU-2023:4810-1
SUSE-SU-2023:4811-1
SUSE-SU-2023:4882-1
SUSE-SU-2023:4883-1
SUSE-SU-2024:0112-1
SUSE-SU-2025:03600-1
SUSE-SU-2025:03613-1
SUSE-SU-2025:03614-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03626-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1
USN-6700-1
USN-6700-2
USN-6701-1
USN-6701-2
USN-6701-3
USN-6701-4
ZDI-24-995

Affected Products

Alt Linux
Astra Linux
Linux Kernel
Red Os
Suse
Ubuntu