Vulnerabilities related to Red Hat - RHOL-5.7-RHEL-8
cve-2023-4456
Vulnerability from cvelistv5
Published
2023-08-21 15:19
Modified
2024-11-23 00:16
Summary
A flaw was found in openshift-logging LokiStack. The key used for the authorization cache is only the token, which is too broad: a user holding a token valid for one action can execute other actions for as long as the cached authorization for the original action remains valid.
References
URL | Tags
---|---
https://access.redhat.com/errata/RHSA-2023:4933 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:5095 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:5096 | vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-4456 | vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2233087 | issue-tracking, x_refsource_REDHAT
Impacted products
Vendor | Product | Version
---|---|---
Red Hat | RHOL-5.5-RHEL-8 | Unaffected: v0.1.0-327 < * cpe:/a:redhat:logging:5.5::el8
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2023-4456", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-04-26T20:04:56.956783Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:27:25.132Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T07:31:05.461Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2023:4933", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:4933", }, { name: "RHSA-2023:5095", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:5095", }, { name: "RHSA-2023:5096", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2023:5096", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-4456", }, { name: "RHBZ#2233087", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2233087", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.5::el8", ], defaultStatus: "affected", packageName: "openshift-logging/lokistack-gateway-rhel8", product: "RHOL-5.5-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-327", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.6::el8", ], defaultStatus: "affected", packageName: "openshift-logging/lokistack-gateway-rhel8", product: "RHOL-5.6-RHEL-8", vendor: "Red 
Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-326", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/lokistack-gateway-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-325", versionType: "rpm", }, ], }, ], credits: [ { lang: "en", value: "This issue was discovered by Robert Jacob (Red Hat).", }, ], datePublic: "2023-08-21T00:00:00+00:00", descriptions: [ { lang: "en", value: "A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.7, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1220", description: "Insufficient Granularity of Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-23T00:16:34.674Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2023:4933", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:4933", }, { name: "RHSA-2023:5095", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: 
"https://access.redhat.com/errata/RHSA-2023:5095", }, { name: "RHSA-2023:5096", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2023:5096", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-4456", }, { name: "RHBZ#2233087", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2233087", }, ], timeline: [ { lang: "en", time: "2023-08-21T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-08-21T00:00:00+00:00", value: "Made public.", }, ], title: "Openshift-logging: lokistack authorisation is cached too broadly", x_redhatCweChain: "CWE-1220: Insufficient Granularity of Access Control", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-4456", datePublished: "2023-08-21T15:19:22.208Z", dateReserved: "2023-08-21T11:46:25.407Z", dateUpdated: "2024-11-23T00:16:34.674Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-6546
Vulnerability from cvelistv5
Published
2023-12-21 20:01
Modified
2024-11-15 15:13
Summary
A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.
References
Impacted products
Vendor | Product | Version
---|---|---
Red Hat | Red Hat Enterprise Linux 8 | Unaffected: 0:4.18.0-513.24.1.rt7.326.el8_9 < * cpe:/a:redhat:enterprise_linux:8::realtime cpe:/a:redhat:enterprise_linux:8::nfv
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:35:14.746Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/10/18", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/10/21", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/11/7", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/11/9", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/12/1", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/12/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/16/2", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/1", }, { name: "RHSA-2024:0930", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0930", }, { name: "RHSA-2024:0937", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:0937", }, { name: "RHSA-2024:1018", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1018", }, { name: "RHSA-2024:1019", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1019", }, { name: "RHSA-2024:1055", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1055", }, { name: "RHSA-2024:1250", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1250", }, { name: "RHSA-2024:1253", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: 
"https://access.redhat.com/errata/RHSA-2024:1253", }, { name: "RHSA-2024:1306", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1306", }, { name: "RHSA-2024:1607", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { name: "RHSA-2024:1612", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1612", }, { name: "RHSA-2024:1614", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { name: "RHSA-2024:2093", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { name: "RHSA-2024:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2394", }, { name: "RHSA-2024:2621", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2621", }, { name: "RHSA-2024:2697", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2697", }, { name: "RHSA-2024:4577", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4577", }, { name: "RHSA-2024:4729", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4729", }, { name: "RHSA-2024:4731", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:4731", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2023-6546", }, { name: "RHBZ#2255498", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: 
"https://bugzilla.redhat.com/show_bug.cgi?id=2255498", }, { tags: [ "x_transferred", ], url: "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3", }, { tags: [ "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:8::realtime", "cpe:/a:redhat:enterprise_linux:8::nfv", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-513.24.1.rt7.326.el8_9", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-513.24.1.el8_9", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:8::baseos", ], defaultStatus: "unaffected", packageName: "kpatch-patch", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_aus:8.2::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.2 Advanced Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-193.136.1.el8_2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", ], 
defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-305.134.1.el8_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_tus:8.4::nfv", "cpe:/a:redhat:rhel_tus:8.4::realtime", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-305.134.1.rt7.210.el8_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-305.134.1.el8_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-305.134.1.el8_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_e4s:8.4::baseos", ], defaultStatus: "unaffected", packageName: "kpatch-patch", product: "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", vendor: "Red Hat", }, { collectionURL: 
"https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.6 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-372.93.1.el8_6", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:8.6::baseos", ], defaultStatus: "unaffected", packageName: "kpatch-patch", product: "Red Hat Enterprise Linux 8.6 Extended Update Support", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.8 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-477.55.1.el8_8", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:8.8::baseos", ], defaultStatus: "unaffected", packageName: "kpatch-patch", product: "Red Hat Enterprise Linux 8.8 Extended Update Support", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-427.13.1.el9_4", versionType: "rpm", }, ], }, { collectionURL: 
"https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-427.13.1.el9_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:9.0::baseos", "cpe:/a:redhat:rhel_eus:9.0::appstream", "cpe:/a:redhat:rhel_eus:9.0::crb", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9.0 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-70.93.2.el9_0", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.0::nfv", "cpe:/a:redhat:rhel_eus:9.0::realtime", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 9.0 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-70.93.1.rt21.165.el9_0", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:9.0::baseos", ], defaultStatus: "unaffected", packageName: "kpatch-patch", product: "Red Hat Enterprise Linux 9.0 Extended Update Support", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/o:redhat:rhel_eus:9.2::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", 
vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-284.55.1.el9_2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.2::nfv", "cpe:/a:redhat:rhel_eus:9.2::realtime", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-284.55.1.rt14.340.el9_2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:9.2::baseos", ], defaultStatus: "unaffected", packageName: "kpatch-patch", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-372.93.1.el8_6", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/cluster-logging-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-16", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/cluster-logging-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-7", versionType: "rpm", 
}, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch6-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v6.8.1-408", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-19", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-proxy-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.0.0-480", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-9", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/eventrouter-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.4.0-248", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/fluentd-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ 
{ lessThan: "*", status: "unaffected", version: "v1.14.6-215", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/kibana6-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v6.8.1-431", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/log-file-metric-exporter-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.1.0-228", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-curator5-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.8.1-471", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-loki-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v2.9.6-15", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-view-plugin-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-3", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: 
"openshift-logging/loki-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-27", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/loki-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-12", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/lokistack-gateway-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-527", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/opa-openshift-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-225", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/vector-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.28.1-57", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:6", ], defaultStatus: "unaffected", packageName: "kernel", product: "Red Hat Enterprise Linux 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unaffected", packageName: "kernel", product: "Red 
Hat Enterprise Linux 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unaffected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:9", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", }, ], datePublic: "2023-12-21T00:00:00+00:00", descriptions: [ { lang: "en", value: "A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Important", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-15T15:13:50.794Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:0930", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0930", }, { name: "RHSA-2024:0937", tags: [ 
"vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:0937", }, { name: "RHSA-2024:1018", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1018", }, { name: "RHSA-2024:1019", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1019", }, { name: "RHSA-2024:1055", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1055", }, { name: "RHSA-2024:1250", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1250", }, { name: "RHSA-2024:1253", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1253", }, { name: "RHSA-2024:1306", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1306", }, { name: "RHSA-2024:1607", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { name: "RHSA-2024:1612", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1612", }, { name: "RHSA-2024:1614", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { name: "RHSA-2024:2093", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { name: "RHSA-2024:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2394", }, { name: "RHSA-2024:2621", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2621", }, { name: "RHSA-2024:2697", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2697", }, { name: "RHSA-2024:4577", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: 
"https://access.redhat.com/errata/RHSA-2024:4577", }, { name: "RHSA-2024:4729", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4729", }, { name: "RHSA-2024:4731", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4731", }, { name: "RHSA-2024:4970", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:4970", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2023-6546", }, { name: "RHBZ#2255498", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2255498", }, { url: "https://github.com/torvalds/linux/commit/3c4f8333b582487a2d1e02171f1465531cde53e3", }, { url: "https://www.zerodayinitiative.com/advisories/ZDI-CAN-20527", }, ], timeline: [ { lang: "en", time: "2023-12-18T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-12-21T00:00:00+00:00", value: "Made public.", }, ], title: "Kernel: gsm multiplexing race condition leads to privilege escalation", workarounds: [ { lang: "en", value: "This flaw can be mitigated by preventing the affected `n_gsm` kernel module from being loaded. For instructions on how to blacklist a kernel module, please see https://access.redhat.com/solutions/41278.", }, ], x_redhatCweChain: "CWE-362->CWE-416: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') leads to Use After Free", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2023-6546", datePublished: "2023-12-21T20:01:03.217Z", dateReserved: "2023-12-06T07:11:48.937Z", dateUpdated: "2024-11-15T15:13:50.794Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-0565
Vulnerability from cvelistv5
Published
2024-01-15 20:02
Modified
2024-11-15 15:27
Summary
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB client sub-component of the Linux kernel. This issue occurs due to an integer underflow on the memcpy length, leading to a denial of service.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1188 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1404 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1532 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1533 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1607 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1614 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2093 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2394 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-0565 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2258518 | issue-tracking, x_refsource_REDHAT | |
https://www.spinics.net/lists/stable-commits/msg328851.html |
Impacted products
Vendor | Product | Version |
Version: 0 ≤ |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-01T18:11:35.146Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "RHSA-2024:1188", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1188", }, { name: "RHSA-2024:1404", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1404", }, { name: "RHSA-2024:1532", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1532", }, { name: "RHSA-2024:1533", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1533", }, { name: "RHSA-2024:1607", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { name: "RHSA-2024:1614", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { name: "RHSA-2024:2093", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { name: "RHSA-2024:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2024:2394", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2024-0565", }, { name: "RHBZ#2258518", tags: [ "issue-tracking", "x_refsource_REDHAT", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258518", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240223-0002/", }, { tags: [ "x_transferred", ], url: "https://www.spinics.net/lists/stable-commits/msg328851.html", }, ], 
title: "CVE Program Container", }, ], cna: { affected: [ { collectionURL: "https://git.kernel.org/pub/scm/linux/kernel", defaultStatus: "unaffected", packageName: "kernel", versions: [ { lessThan: "6.7-rc6", status: "affected", version: "0", versionType: "semver", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:8::realtime", "cpe:/a:redhat:enterprise_linux:8::nfv", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-513.24.1.rt7.326.el8_9", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-513.24.1.el8_9", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.6 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-372.95.1.el8_6", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 8.8 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-477.51.1.el8_8", versionType: "rpm", }, ], }, { collectionURL: 
"https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-427.13.1.el9_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-427.13.1.el9_4", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/o:redhat:rhel_eus:9.2::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-284.59.1.el9_2", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/a:redhat:rhel_eus:9.2::nfv", "cpe:/a:redhat:rhel_eus:9.2::realtime", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 9.2 Extended Update Support", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:5.14.0-284.59.1.rt14.344.el9_2", versionType: "rpm", }, ], }, { collectionURL: 
"https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos", ], defaultStatus: "affected", packageName: "kernel", product: "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "0:4.18.0-372.95.1.el8_6", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/cluster-logging-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-16", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/cluster-logging-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-7", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch6-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v6.8.1-408", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-19", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", 
packageName: "openshift-logging/elasticsearch-proxy-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.0.0-480", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/elasticsearch-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-9", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/eventrouter-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.4.0-248", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/fluentd-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.14.6-215", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/kibana6-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v6.8.1-431", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/log-file-metric-exporter-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v1.1.0-228", versionType: "rpm", }, ], }, { collectionURL: 
"https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-curator5-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.8.1-471", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-loki-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v2.9.6-15", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/logging-view-plugin-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-3", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/loki-operator-bundle", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-27", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/loki-rhel8-operator", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v5.7.13-12", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/lokistack-gateway-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: 
"unaffected", version: "v0.1.0-527", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/opa-openshift-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.1.0-225", versionType: "rpm", }, ], }, { collectionURL: "https://catalog.redhat.com/software/containers/", cpes: [ "cpe:/a:redhat:logging:5.7::el8", ], defaultStatus: "affected", packageName: "openshift-logging/vector-rhel8", product: "RHOL-5.7-RHEL-8", vendor: "Red Hat", versions: [ { lessThan: "*", status: "unaffected", version: "v0.28.1-57", versionType: "rpm", }, ], }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:6", ], defaultStatus: "unaffected", packageName: "kernel", product: "Red Hat Enterprise Linux 6", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unaffected", packageName: "kernel", product: "Red Hat Enterprise Linux 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:7", ], defaultStatus: "unaffected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 7", vendor: "Red Hat", }, { collectionURL: "https://access.redhat.com/downloads/content/package-browser/", cpes: [ "cpe:/o:redhat:enterprise_linux:9", ], defaultStatus: "affected", packageName: "kernel-rt", product: "Red Hat Enterprise Linux 9", vendor: "Red Hat", }, ], datePublic: "2023-12-18T00:00:00+00:00", descriptions: [ { lang: "en", value: "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. 
This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.", }, ], metrics: [ { other: { content: { namespace: "https://access.redhat.com/security/updates/classification/", value: "Moderate", }, type: "Red Hat severity rating", }, }, { cvssV3_1: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-191", description: "Integer Underflow (Wrap or Wraparound)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-11-15T15:27:39.597Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "RHSA-2024:1188", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1188", }, { name: "RHSA-2024:1404", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1404", }, { name: "RHSA-2024:1532", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1532", }, { name: "RHSA-2024:1533", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1533", }, { name: "RHSA-2024:1607", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1607", }, { name: "RHSA-2024:1614", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:1614", }, { name: "RHSA-2024:2093", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2024:2093", }, { name: "RHSA-2024:2394", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: 
"https://access.redhat.com/errata/RHSA-2024:2394", }, { tags: [ "vdb-entry", "x_refsource_REDHAT", ], url: "https://access.redhat.com/security/cve/CVE-2024-0565", }, { name: "RHBZ#2258518", tags: [ "issue-tracking", "x_refsource_REDHAT", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2258518", }, { url: "https://www.spinics.net/lists/stable-commits/msg328851.html", }, ], timeline: [ { lang: "en", time: "2024-01-15T00:00:00+00:00", value: "Reported to Red Hat.", }, { lang: "en", time: "2023-12-18T00:00:00+00:00", value: "Made public.", }, ], title: "Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client", workarounds: [ { lang: "en", value: "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", }, ], x_redhatCweChain: "CWE-191: Integer Underflow (Wrap or Wraparound)", }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2024-0565", datePublished: "2024-01-15T20:02:02.639Z", dateReserved: "2024-01-15T19:19:12.076Z", dateUpdated: "2024-11-15T15:27:39.597Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }