VDB

CNVD-2023-56638

CNVD-2023-56638 PUBLISHED CVSS 6.599999904632568 MEDIUM

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux Kernel存在拒绝服务漏洞,该漏洞源于当Netlink套接字收到XFRM_MSG_GETSA、XFRM_MSG_GETPOLICY类型消息的消息(sendmsg)并且设置了DUMP标志时,可能会出现NULL指针取消引用,攻击者可利用该漏洞导致拒绝服务。

Risk Scores

CVSS 3.1
6.599999904632568
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected Products

VendorProductVersions
Red HatRed Hat Enterprise Linux 7
Red HatRed Hat Enterprise Linux 9
Red HatRed Hat Enterprise Linux 7
Red HatRed Hat Enterprise Linux 8
Red HatRed Hat Enterprise Linux 9
Red HatRed Hat Enterprise Linux 8
Red HatRed Hat Enterprise Linux 6

Timeline

  • Jul 12, 2023 CVE Published
  • Jul 12, 2023 PoC Published
  • Jul 14, 2023 CVE ID Reserved
Open in Interactive Console →
$ Console Community · 100/wk Open console ›