Vulnerabilities > CVE-2023-6536 - NULL Pointer Dereference vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
linux
redhat
debian
CWE-476

Summary

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Vulnerable Configurations

Part Description Count
OS
Linux
1365
OS
Redhat
17
OS
Debian
1
Application
Redhat
8

Common Weakness Enumeration (CWE)