PT-2023-7942 · Linux +8 · Linux Kernel +8

Marco Benatto

·

Published

2023-12-11

·

Updated

2025-01-03

·

CVE-2023-6356

CVSS v2.0
7.8
VectorAV:N/AC:L/Au:N/C:N/I:N/A:C

**Name of the Vulnerable Software and Affected Versions**

Linux kernel (affected versions not specified)

**Description**

A flaw was found in the Linux kernel's NVMe driver, which may allow an unauthenticated malicious actor to send crafted TCP packages when using NVMe over TCP. This can lead to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

**Recommendations**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2024:0897
ALT-PU-2024-17576
BDU:2023-09026
CESA-2024_0881
CESA-2024_0897
CVE-2023-6356
DLA-3841-1
OESA-2024-2569
OESA-2025-1016
OPENSUSE-SU-2024_0469-1
OPENSUSE-SU-2024_0515-1
OPENSUSE-SU-2024_1321-1
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1489-1
OPENSUSE-SU-2024_1490-1
RHSA-2024:0723
RHSA-2024:0724
RHSA-2024:0725
RHSA-2024:0881
RHSA-2024:0897
RHSA-2024:1248
RHSA-2024:3810
RHSA-2024_0881
RHSA-2024_0897
RHSA-2024_1248
RXSA-2024:1248
SUSE-SU-2024:0463-1
SUSE-SU-2024:0469-1
SUSE-SU-2024:0474-1
SUSE-SU-2024:0476-1
SUSE-SU-2024:0478-1
SUSE-SU-2024:0484-1
SUSE-SU-2024:0514-1
SUSE-SU-2024:0515-1
SUSE-SU-2024:0516-1
SUSE-SU-2024:0975-1
SUSE-SU-2024:1321-1
SUSE-SU-2024:1454-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1489-1
SUSE-SU-2024:1490-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1870-1
USN-6765-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Suse
Ubuntu