5.9

CVE-2023-2593

A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Collection URLhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
Package linux
Default Statusunaffected
Version < 6.3.*
Version 6.3.0
Status affected
Version < 6.2.0-rc4
Version 6.2.0
Status affected
Version < 6.1.5
Version 6.1.0
Status affected
Version < 6.0.19
Version 6.0.0
Status affected
Version < 5.15.87
Version 0
Status affected
VendorRed Hat
Product Red Hat Enterprise Linux 10
Default Statusunaffected
VendorRed Hat
Product Red Hat Enterprise Linux 6
Default Statusunaffected
VendorRed Hat
Product Red Hat Enterprise Linux 7
Default Statusunaffected
VendorRed Hat
Product Red Hat Enterprise Linux 7
Default Statusunaffected
VendorRed Hat
Product Red Hat Enterprise Linux 8
Default Statusunaffected
VendorRed Hat
Product Red Hat Enterprise Linux 8
Default Statusunaffected
VendorRed Hat
Product Red Hat Enterprise Linux 9
Default Statusunaffected
VendorRed Hat
Product Red Hat Enterprise Linux 9
Default Statusunaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.046
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
secalert@redhat.com 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.