Vulnerabilities > CVE-2023-6356 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
redhat
linux
debian
CWE-476
NVD
Published: 2024-02-07
Updated: 2024-09-14

Summary

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service.

Vulnerable Configurations

Part Description Count
OS
Redhat
17
OS
Linux
1359
OS
Debian
1
Application
Redhat
8

Common Weakness Enumeration (CWE)

References