Vulnerabilities > CVE-2023-4459 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
linux
redhat
CWE-476
NVD
Published: 2023-08-21
Updated: 2024-04-25

Summary

A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.

Vulnerable Configurations

Part Description Count
OS
Linux
1025
OS
Redhat
2

Common Weakness Enumeration (CWE)

References