8.8

CVE-2023-5178

Kernel: use after free in nvmet_tcp_free_crypto in nvme

A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.0 < 5.4.260
LinuxLinux Kernel Version >= 5.5 < 5.10.199
LinuxLinux Kernel Version >= 5.11 < 5.15.137
LinuxLinux Kernel Version >= 5.16 < 6.1.60
LinuxLinux Kernel Version >= 6.2 < 6.5.9
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
NetappActive Iq Unified Manager Version- SwPlatformvmware_vsphere
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 9.14% 0.947
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
secalert@redhat.com 8.8 2.8 5.9
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
https://access.redhat.com/errata/RHSA-2024:0412
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0431
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0432
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0575
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7370
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7379
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7418
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7548
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7549
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7554
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0340
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0378
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0461
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0554
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7551
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7557
Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:7559
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0386
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1268
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1269
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1278
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2023-5178
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2241924
Third Party Advisory
Issue Tracking
https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/
Patch
Vendor Advisory
Mailing List
https://security.netapp.com/advisory/ntap-20231208-0004/