5.5

CVE-2023-6622

Kernel: null pointer dereference vulnerability in nft_dynset_init()

A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FedoraprojectFedora Version38
FedoraprojectFedora Version39
LinuxLinux Kernel Version >= 5.11 <= 6.6
LinuxLinux Kernel Version6.7 Updaterc1
LinuxLinux Kernel Version6.7 Updaterc2
LinuxLinux Kernel Version6.7 Updaterc3
LinuxLinux Kernel Version6.7 Updaterc4
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.32% 0.24
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
secalert@redhat.com 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://access.redhat.com/errata/RHSA-2024:2394
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2950
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:3138
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2023-6622
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2253632
Patch
Issue Tracking
https://github.com/torvalds/linux/commit/3701cd390fd731ee7ae8b8006246c8db82c72bea
Patch
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAOVK2F3ALGKYIQ5IOMAYEC2DGI7BWAW/
Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3AGDVE3KBLOOYBPISFDS74R4YAZEDAY/
Third Party Advisory