7.5
CVE-2023-1390
- EPSS 0.64%
- Published 16.03.2023 21:15:11
- Last modified 23.04.2025 17:16:25
- Source secalert@redhat.com
A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.
Data provided by the National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 4.3 < 4.9.253
Linux ≫ Linux Kernel Version >= 4.10 < 4.14.217
Linux ≫ Linux Kernel Version >= 4.15 < 4.19.170
Linux ≫ Linux Kernel Version >= 4.20 < 5.4.92
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.10
Linux ≫ Linux Kernel Version 5.11 Update rc1
Linux ≫ Linux Kernel Version 5.11 Update rc2
Linux ≫ Linux Kernel Version 5.11 Update rc3
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.64% | 0.697 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
CWE-1050 Excessive Platform Resource Consumption within a Loop
The product has a loop body or loop condition that contains a control element that directly or indirectly consumes platform resources, e.g. messaging, sessions, locks, or file descriptors.