csaf_redhat - rhsa-2024

rhsa-2024_0340

Vulnerability from csaf_redhat

Published

2024-01-23 09:16

Modified

2024-09-13 19:05

Summary

Red Hat Security Advisory: kpatch-patch security update

Notes

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812) * kernel: net/sched: sch_hfsc UAF (CVE-2023-4623) * kernel: use after free in unix_stream_sendpage (CVE-2023-4622) * kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753) * kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es):\n\n* kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags (CVE-2023-3812)\n\n* kernel: net/sched: sch_hfsc UAF (CVE-2023-4623)\n\n* kernel: use after free in unix_stream_sendpage (CVE-2023-4622)\n\n* kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)\n\n* kernel: use after free in nvmet_tcp_free_crypto in NVMe (CVE-2023-5178)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:0340",
        "url": "https://access.redhat.com/errata/RHSA-2024:0340"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2224048",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224048"
      },
      {
        "category": "external",
        "summary": "2237757",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237757"
      },
      {
        "category": "external",
        "summary": "2237760",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237760"
      },
      {
        "category": "external",
        "summary": "2239843",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239843"
      },
      {
        "category": "external",
        "summary": "2241924",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241924"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_0340.json"
      }
    ],
    "title": "Red Hat Security Advisory: kpatch-patch security update",
    "tracking": {
      "current_release_date": "2024-09-13T19:05:43+00:00",
      "generator": {
        "date": "2024-09-13T19:05:43+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2024:0340",
      "initial_release_date": "2024-01-23T09:16:28+00:00",
      "revision_history": [
        {
          "date": "2024-01-23T09:16:28+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-01-23T09:16:28+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-13T19:05:43+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                  "product_id": "BaseOS-9.3.0.Z.MAIN",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
                  "product_id": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1@1-2.el9_3?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
                  "product_id": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1@1-1.el9_3?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1@1-2.el9_3?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1-debugsource@1-2.el9_3?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1-debuginfo@1-2.el9_3?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1@1-1.el9_3?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1-debugsource@1-1.el9_3?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
                  "product_id": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1-debuginfo@1-1.el9_3?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
                  "product_id": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1@1-2.el9_3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64",
                  "product_id": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1-debugsource@1-2.el9_3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
                  "product_id": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_8_1-debuginfo@1-2.el9_3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
                  "product_id": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1@1-1.el9_3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
                  "product_id": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1-debugsource@1-1.el9_3?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
                "product": {
                  "name": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
                  "product_id": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-362_13_1-debuginfo@1-1.el9_3?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src"
        },
        "product_reference": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src"
        },
        "product_reference": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le"
        },
        "product_reference": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
        },
        "product_reference": "kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64",
        "relates_to_product_reference": "BaseOS-9.3.0.Z.MAIN"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-3812",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2023-07-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2224048"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-3812"
        },
        {
          "category": "external",
          "summary": "RHBZ#2224048",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224048"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-3812",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-3812"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3812",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3812"
        },
        {
          "category": "external",
          "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0",
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0"
        }
      ],
      "release_date": "2022-10-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent the tun module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags"
    },
    {
      "cve": "CVE-2023-4622",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2023-09-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2237760"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s af_unix component that allows local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. This issue leads to a race condition where the unix_stream_sendpage() function could access a skb that is being released by garbage collection, resulting in a use-after-free issue.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: use after free in unix_stream_sendpage",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-4622"
        },
        {
          "category": "external",
          "summary": "RHBZ#2237760",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237760"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4622",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-4622"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4622",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4622"
        },
        {
          "category": "external",
          "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c",
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c"
        }
      ],
      "release_date": "2023-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: use after free in unix_stream_sendpage"
    },
    {
      "cve": "CVE-2023-4623",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2023-09-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2237757"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free flaw was found in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component that can be exploited to achieve local privilege escalation. If a class with a link-sharing curve, for example, with the HFSC_FSC flag set, has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free issue.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: net/sched: sch_hfsc UAF",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-4623"
        },
        {
          "category": "external",
          "summary": "RHBZ#2237757",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237757"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-4623",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-4623",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4623"
        },
        {
          "category": "external",
          "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f",
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
        }
      ],
      "release_date": "2023-09-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent the module sch_hfsc from being loaded by blacklisting the module to prevent it from loading automatically. \n~~~\nhttps://access.redhat.com/solutions/41278 \n~~~",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: net/sched: sch_hfsc UAF"
    },
    {
      "cve": "CVE-2023-5178",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2023-10-03T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2241924"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: use after free in nvmet_tcp_free_crypto in NVMe",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is actual only for systems where NVME over TCP being used.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-5178"
        },
        {
          "category": "external",
          "summary": "RHBZ#2241924",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241924"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-5178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5178"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/",
          "url": "https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/"
        }
      ],
      "release_date": "2023-10-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: use after free in nvmet_tcp_free_crypto in NVMe"
    },
    {
      "cve": "CVE-2023-42753",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2023-09-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2239843"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: netfilter: potential slab-out-of-bound access due to integer underflow",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
          "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-42753"
        },
        {
          "category": "external",
          "summary": "RHBZ#2239843",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239843"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-42753",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-42753",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42753"
        },
        {
          "category": "external",
          "summary": "https://seclists.org/oss-sec/2023/q3/216",
          "url": "https://seclists.org/oss-sec/2023/q3/216"
        }
      ],
      "release_date": "2023-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "category": "workaround",
          "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
          "product_ids": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debuginfo-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_13_1-debugsource-0:1-1.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.src",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debuginfo-0:1-2.el9_3.x86_64",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.ppc64le",
            "BaseOS-9.3.0.Z.MAIN:kpatch-patch-5_14_0-362_8_1-debugsource-0:1-2.el9_3.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: netfilter: potential slab-out-of-bound access due to integer underflow"
    }
  ]
}

cve-2023-4623

Vulnerability from cvelistv5

Published

2023-09-06 13:56

Modified

2024-08-02 07:31

Severity

7.8 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Use-after-free in Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component

References

URL	Tags
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f	patch
https://kernel.dance/b3d26c5702c7d6c45456326e56d2ccf3f103e60f
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

Impacted products

Vendor	Product
Linux	Kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:31:06.625Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kernel.dance/b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Kernel",
          "repo": "https://git.kernel.org",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.6",
              "status": "affected",
              "version": "2.6.12",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Budimir Markovic"
        }
      ],
      "datePublic": "2023-08-26T01:57:54+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability in the Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation.\n\nIf a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a parent without a link-sharing curve, then init_vf() will call vttree_insert() on the parent, but vttree_remove() will be skipped in update_vf(). This leaves a dangling pointer that can cause a use-after-free.\n\nWe recommend upgrading past commit b3d26c5702c7d6c45456326e56d2ccf3f103e60f.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-06T13:56:57.295Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
        },
        {
          "url": "https://kernel.dance/b3d26c5702c7d6c45456326e56d2ccf3f103e60f"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Use-after-free in Linux kernel\u0027s net/sched: sch_hfsc (HFSC qdisc traffic control) component",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-4623",
    "datePublished": "2023-09-06T13:56:57.295Z",
    "dateReserved": "2023-08-30T11:58:12.267Z",
    "dateUpdated": "2024-08-02T07:31:06.625Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-5178

Vulnerability from cvelistv5

Published

2023-11-01 16:32

Modified

2024-09-13 18:25

Severity

8.8 (High) - cvssV3_1 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Kernel: use after free in nvmet_tcp_free_crypto in nvme

References

URL	Tags
https://access.redhat.com/errata/RHSA-2023:7370	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7379	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7418	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7548	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7549	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7551	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7554	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7557	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7559	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0340	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0378	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0386	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0412	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0431	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0432	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0461	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0554	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0575	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1268	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1269	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1278	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-5178	vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2241924	issue-tracking, x_refsource_REDHAT
https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/

Impacted products

Vendor	Product
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 6
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:52:07.827Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:7370",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7370"
          },
          {
            "name": "RHSA-2023:7379",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7379"
          },
          {
            "name": "RHSA-2023:7418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7418"
          },
          {
            "name": "RHSA-2023:7548",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7548"
          },
          {
            "name": "RHSA-2023:7549",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7549"
          },
          {
            "name": "RHSA-2023:7551",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7551"
          },
          {
            "name": "RHSA-2023:7554",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7554"
          },
          {
            "name": "RHSA-2023:7557",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7557"
          },
          {
            "name": "RHSA-2023:7559",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7559"
          },
          {
            "name": "RHSA-2024:0340",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0340"
          },
          {
            "name": "RHSA-2024:0378",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0378"
          },
          {
            "name": "RHSA-2024:0386",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0386"
          },
          {
            "name": "RHSA-2024:0412",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0412"
          },
          {
            "name": "RHSA-2024:0431",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0431"
          },
          {
            "name": "RHSA-2024:0432",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0432"
          },
          {
            "name": "RHSA-2024:0461",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0461"
          },
          {
            "name": "RHSA-2024:0554",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0554"
          },
          {
            "name": "RHSA-2024:0575",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0575"
          },
          {
            "name": "RHSA-2024:1268",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1268"
          },
          {
            "name": "RHSA-2024:1269",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1269"
          },
          {
            "name": "RHSA-2024:1278",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1278"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5178"
          },
          {
            "name": "RHBZ#2241924",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241924"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231208-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::nfv",
            "cpe:/a:redhat:enterprise_linux:8::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.9.1.rt7.311.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.9.1.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos",
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.128.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::realtime",
            "cpe:/a:redhat:rhel_tus:8.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.128.1.rt13.179.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos",
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.128.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos",
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.128.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.114.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::nfv",
            "cpe:/a:redhat:rhel_tus:8.4::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.114.1.rt7.190.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.114.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.114.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::crb",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-477.43.1.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-362.18.1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-362.18.1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos",
            "cpe:/a:redhat:rhel_eus:9.0::crb",
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.85.1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::realtime",
            "cpe:/a:redhat:rhel_eus:9.0::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.85.1.rt21.156.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.40.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::realtime",
            "cpe:/a:redhat:rhel_eus:9.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.40.1.rt14.325.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-10-15T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-13T18:25:32.098Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7370"
        },
        {
          "name": "RHSA-2023:7379",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7379"
        },
        {
          "name": "RHSA-2023:7418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7418"
        },
        {
          "name": "RHSA-2023:7548",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7548"
        },
        {
          "name": "RHSA-2023:7549",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7549"
        },
        {
          "name": "RHSA-2023:7551",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7551"
        },
        {
          "name": "RHSA-2023:7554",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7554"
        },
        {
          "name": "RHSA-2023:7557",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7557"
        },
        {
          "name": "RHSA-2023:7559",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7559"
        },
        {
          "name": "RHSA-2024:0340",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "name": "RHSA-2024:0378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0378"
        },
        {
          "name": "RHSA-2024:0386",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0386"
        },
        {
          "name": "RHSA-2024:0412",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0412"
        },
        {
          "name": "RHSA-2024:0431",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0431"
        },
        {
          "name": "RHSA-2024:0432",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0432"
        },
        {
          "name": "RHSA-2024:0461",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0461"
        },
        {
          "name": "RHSA-2024:0554",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0554"
        },
        {
          "name": "RHSA-2024:0575",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0575"
        },
        {
          "name": "RHSA-2024:1268",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1268"
        },
        {
          "name": "RHSA-2024:1269",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1269"
        },
        {
          "name": "RHSA-2024:1278",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1278"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5178"
        },
        {
          "name": "RHBZ#2241924",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241924"
        },
        {
          "url": "https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-03T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-10-15T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: use after free in nvmet_tcp_free_crypto in nvme",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-415-\u003eCWE-416: Double Free leads to Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5178",
    "datePublished": "2023-11-01T16:32:20.350Z",
    "dateReserved": "2023-09-25T16:38:10.637Z",
    "dateUpdated": "2024-09-13T18:25:32.098Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-3812

Vulnerability from cvelistv5

Published

2023-07-24 15:19

Modified

2024-09-13 18:23

Severity

7.8 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags

References

URL	Tags
https://access.redhat.com/errata/RHSA-2023:6799	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:6813	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7370	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7379	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7382	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7389	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7411	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7418	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7548	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7549	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7554	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0340	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0378	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0412	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0461	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0554	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0562	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0563	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0575	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0593	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1961	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2006	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2008	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-3812	vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2224048	issue-tracking, x_refsource_REDHAT
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0

Impacted products

Vendor	Product
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 6
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:08:50.501Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2023:6799",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:6799"
          },
          {
            "name": "RHSA-2023:6813",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:6813"
          },
          {
            "name": "RHSA-2023:7370",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7370"
          },
          {
            "name": "RHSA-2023:7379",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7379"
          },
          {
            "name": "RHSA-2023:7382",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7382"
          },
          {
            "name": "RHSA-2023:7389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7389"
          },
          {
            "name": "RHSA-2023:7411",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7411"
          },
          {
            "name": "RHSA-2023:7418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7418"
          },
          {
            "name": "RHSA-2023:7548",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7548"
          },
          {
            "name": "RHSA-2023:7549",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7549"
          },
          {
            "name": "RHSA-2023:7554",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7554"
          },
          {
            "name": "RHSA-2024:0340",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0340"
          },
          {
            "name": "RHSA-2024:0378",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0378"
          },
          {
            "name": "RHSA-2024:0412",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0412"
          },
          {
            "name": "RHSA-2024:0461",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0461"
          },
          {
            "name": "RHSA-2024:0554",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0554"
          },
          {
            "name": "RHSA-2024:0562",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0562"
          },
          {
            "name": "RHSA-2024:0563",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0563"
          },
          {
            "name": "RHSA-2024:0575",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0575"
          },
          {
            "name": "RHSA-2024:0593",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0593"
          },
          {
            "name": "RHSA-2024:1961",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1961"
          },
          {
            "name": "RHSA-2024:2006",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2006"
          },
          {
            "name": "RHSA-2024:2008",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2008"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-3812"
          },
          {
            "name": "RHBZ#2224048",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224048"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::realtime",
            "cpe:/a:redhat:enterprise_linux:8::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.9.1.rt7.311.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.9.1.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.1::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.1::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-147.94.1.el8_1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos",
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.133.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::realtime",
            "cpe:/a:redhat:rhel_tus:8.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.133.1.rt13.184.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos",
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.133.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos",
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.133.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::realtime",
            "cpe:/a:redhat:rhel_tus:8.4::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.rt7.196.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-477.43.1.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-362.18.1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-362.18.1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos",
            "cpe:/a:redhat:rhel_eus:9.0::appstream",
            "cpe:/a:redhat:rhel_eus:9.0::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::realtime",
            "cpe:/a:redhat:rhel_eus:9.0::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.rt21.151.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.40.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::nfv",
            "cpe:/a:redhat:rhel_eus:9.2::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.40.1.rt14.325.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2022-10-22T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-13T18:23:19.887Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:6799",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:6799"
        },
        {
          "name": "RHSA-2023:6813",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:6813"
        },
        {
          "name": "RHSA-2023:7370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7370"
        },
        {
          "name": "RHSA-2023:7379",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7379"
        },
        {
          "name": "RHSA-2023:7382",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7382"
        },
        {
          "name": "RHSA-2023:7389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7389"
        },
        {
          "name": "RHSA-2023:7411",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7411"
        },
        {
          "name": "RHSA-2023:7418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7418"
        },
        {
          "name": "RHSA-2023:7548",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7548"
        },
        {
          "name": "RHSA-2023:7549",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7549"
        },
        {
          "name": "RHSA-2023:7554",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7554"
        },
        {
          "name": "RHSA-2024:0340",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "name": "RHSA-2024:0378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0378"
        },
        {
          "name": "RHSA-2024:0412",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0412"
        },
        {
          "name": "RHSA-2024:0461",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0461"
        },
        {
          "name": "RHSA-2024:0554",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0554"
        },
        {
          "name": "RHSA-2024:0562",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0562"
        },
        {
          "name": "RHSA-2024:0563",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0563"
        },
        {
          "name": "RHSA-2024:0575",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0575"
        },
        {
          "name": "RHSA-2024:0593",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0593"
        },
        {
          "name": "RHSA-2024:1961",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1961"
        },
        {
          "name": "RHSA-2024:2006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2006"
        },
        {
          "name": "RHSA-2024:2008",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2008"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-3812"
        },
        {
          "name": "RHBZ#2224048",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224048"
        },
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-19T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2022-10-22T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this issue, prevent the tun module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically."
        }
      ],
      "x_redhatCweChain": "(CWE-416|CWE-787): Use After Free or Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-3812",
    "datePublished": "2023-07-24T15:19:21.817Z",
    "dateReserved": "2023-07-20T13:02:44.826Z",
    "dateUpdated": "2024-09-13T18:23:19.887Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-42753

Vulnerability from cvelistv5

Published

2023-09-25 20:25

Modified

2024-09-13 18:42

Severity

7.0 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Kernel: netfilter: potential slab-out-of-bound access due to integer underflow

References

URL	Tags
https://access.redhat.com/errata/RHSA-2023:7370	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7379	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7382	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7389	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7411	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7418	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7539	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2023:7558	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0089	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0113	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0134	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0340	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0346	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0347	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0371	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0376	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0378	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0402	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0403	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0412	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0461	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0562	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0563	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0593	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:0999	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2023-42753	vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2239843	issue-tracking, x_refsource_REDHAT
https://seclists.org/oss-sec/2023/q3/216

Impacted products

Vendor	Product
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 7
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support
Red Hat	Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
Red Hat	Red Hat Enterprise Linux 6
Red Hat	Red Hat Enterprise Linux 9

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:30:24.424Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
          },
          {
            "name": "RHSA-2023:7370",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7370"
          },
          {
            "name": "RHSA-2023:7379",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7379"
          },
          {
            "name": "RHSA-2023:7382",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7382"
          },
          {
            "name": "RHSA-2023:7389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7389"
          },
          {
            "name": "RHSA-2023:7411",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7411"
          },
          {
            "name": "RHSA-2023:7418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7418"
          },
          {
            "name": "RHSA-2023:7539",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7539"
          },
          {
            "name": "RHSA-2023:7558",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2023:7558"
          },
          {
            "name": "RHSA-2024:0089",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0089"
          },
          {
            "name": "RHSA-2024:0113",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0113"
          },
          {
            "name": "RHSA-2024:0134",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0134"
          },
          {
            "name": "RHSA-2024:0340",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0340"
          },
          {
            "name": "RHSA-2024:0346",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0346"
          },
          {
            "name": "RHSA-2024:0347",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0347"
          },
          {
            "name": "RHSA-2024:0371",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0371"
          },
          {
            "name": "RHSA-2024:0376",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0376"
          },
          {
            "name": "RHSA-2024:0378",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0378"
          },
          {
            "name": "RHSA-2024:0402",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0402"
          },
          {
            "name": "RHSA-2024:0403",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0403"
          },
          {
            "name": "RHSA-2024:0412",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0412"
          },
          {
            "name": "RHSA-2024:0461",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0461"
          },
          {
            "name": "RHSA-2024:0562",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0562"
          },
          {
            "name": "RHSA-2024:0563",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0563"
          },
          {
            "name": "RHSA-2024:0593",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0593"
          },
          {
            "name": "RHSA-2024:0999",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0999"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-42753"
          },
          {
            "name": "RHBZ#2239843",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239843"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://seclists.org/oss-sec/2023/q3/216"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2023/09/22/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_extras_rt:7"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.10.0-1160.108.1.rt56.1259.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.10.0-1160.108.1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::server"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.10.0-1062.85.1.el7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::nfv",
            "cpe:/a:redhat:enterprise_linux:8::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.11.1.rt7.313.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-513.11.1.el8_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos",
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.120.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::realtime",
            "cpe:/a:redhat:rhel_tus:8.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.120.1.rt13.171.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos",
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.120.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/o:redhat:rhel_tus:8.2::baseos",
            "cpe:/o:redhat:rhel_e4s:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-193.120.1.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::nfv",
            "cpe:/a:redhat:rhel_tus:8.4::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.rt7.196.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-305.120.1.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::crb",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-477.36.1.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-362.18.1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-362.18.1.el9_3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos",
            "cpe:/a:redhat:rhel_eus:9.0::crb",
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::realtime",
            "cpe:/a:redhat:rhel_eus:9.0::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-70.80.1.rt21.151.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.0::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::crb",
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.40.1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::realtime",
            "cpe:/a:redhat:rhel_eus:9.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.14.0-284.40.1.rt14.325.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kpatch-patch",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhev_hypervisor:4.4::el8",
            "cpe:/a:redhat:rhel_eus:8.6::crb",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.18.0-372.87.1.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-09-22T00:00:00+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h-\u003enets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-13T18:42:05.332Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2023:7370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7370"
        },
        {
          "name": "RHSA-2023:7379",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7379"
        },
        {
          "name": "RHSA-2023:7382",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7382"
        },
        {
          "name": "RHSA-2023:7389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7389"
        },
        {
          "name": "RHSA-2023:7411",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7411"
        },
        {
          "name": "RHSA-2023:7418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7418"
        },
        {
          "name": "RHSA-2023:7539",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7539"
        },
        {
          "name": "RHSA-2023:7558",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2023:7558"
        },
        {
          "name": "RHSA-2024:0089",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0089"
        },
        {
          "name": "RHSA-2024:0113",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0113"
        },
        {
          "name": "RHSA-2024:0134",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0134"
        },
        {
          "name": "RHSA-2024:0340",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0340"
        },
        {
          "name": "RHSA-2024:0346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0346"
        },
        {
          "name": "RHSA-2024:0347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0347"
        },
        {
          "name": "RHSA-2024:0371",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0371"
        },
        {
          "name": "RHSA-2024:0376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0376"
        },
        {
          "name": "RHSA-2024:0378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0378"
        },
        {
          "name": "RHSA-2024:0402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0402"
        },
        {
          "name": "RHSA-2024:0403",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0403"
        },
        {
          "name": "RHSA-2024:0412",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0412"
        },
        {
          "name": "RHSA-2024:0461",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0461"
        },
        {
          "name": "RHSA-2024:0562",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0562"
        },
        {
          "name": "RHSA-2024:0563",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0563"
        },
        {
          "name": "RHSA-2024:0593",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0593"
        },
        {
          "name": "RHSA-2024:0999",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0999"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-42753"
        },
        {
          "name": "RHBZ#2239843",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239843"
        },
        {
          "url": "https://seclists.org/oss-sec/2023/q3/216"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-09-20T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-09-22T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: netfilter: potential slab-out-of-bound access due to integer underflow",
      "workarounds": [
        {
          "lang": "en",
          "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
        }
      ],
      "x_redhatCweChain": "CWE-191-\u003eCWE-787: Integer Underflow (Wrap or Wraparound) leads to Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-42753",
    "datePublished": "2023-09-25T20:25:59.706Z",
    "dateReserved": "2023-09-13T11:03:47.961Z",
    "dateUpdated": "2024-09-13T18:42:05.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-4622

Vulnerability from cvelistv5

Published

2023-09-06 13:56

Modified

2024-08-02 07:31

Severity

7.8 (High) - cvssV3_1 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Use-after-free in Linux kernel's af_unix component

References

URL	Tags
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y&id=790c2f9d15b594350ae9bca7b236f2b1859de02c	patch
https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c
https://www.debian.org/security/2023/dsa-5492
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html

Impacted products

Vendor	Product
Linux	Kernel

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:31:06.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5492"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Kernel",
          "repo": "https://git.kernel.org",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6.1.47",
              "status": "affected",
              "version": "4.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Billy Jheng Bing-Jhong"
        }
      ],
      "datePublic": "2023-08-23T15:52:42+00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability in the Linux kernel\u0027s af_unix component can be exploited to achieve local privilege escalation.\n\nThe unix_stream_sendpage() function tries to add data to the last skb in the peer\u0027s recv queue without locking the queue. Thus there is a race where unix_stream_sendpage() could access an skb locklessly that is being released by garbage collection, resulting in use-after-free.\n\nWe recommend upgrading past commit 790c2f9d15b594350ae9bca7b236f2b1859de02c.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416 Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-06T13:56:56.355Z",
        "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
        "shortName": "Google"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-6.1.y\u0026id=790c2f9d15b594350ae9bca7b236f2b1859de02c"
        },
        {
          "url": "https://kernel.dance/790c2f9d15b594350ae9bca7b236f2b1859de02c"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5492"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
        },
        {
          "url": "http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Use-after-free in Linux kernel\u0027s af_unix component",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
    "assignerShortName": "Google",
    "cveId": "CVE-2023-4622",
    "datePublished": "2023-09-06T13:56:56.355Z",
    "dateReserved": "2023-08-30T11:57:48.389Z",
    "dateUpdated": "2024-08-02T07:31:06.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2024_0340

Vulnerability from csaf_redhat

cve-2023-4623

Vulnerability from cvelistv5

cve-2023-5178

Vulnerability from cvelistv5

cve-2023-3812

Vulnerability from cvelistv5

cve-2023-42753

Vulnerability from cvelistv5

cve-2023-4622

Vulnerability from cvelistv5

Tags