Vulnerabilities > CVE-2023-6622 - NULL Pointer Dereference vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

redhat

CWE-476

NVD

Published: 2023-12-08

Updated: 2024-09-14

Summary

A null pointer dereference vulnerability was found in nft_dynset_init() in net/netfilter/nft_dynset.c in nf_tables in the Linux kernel. This issue may allow a local attacker with CAP_NET_ADMIN user privilege to trigger a denial of service.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 6.7 Linux Linux Kernel 2.4.35.2 Linux Linux Kernel 2.6.20 Linux Linux Kernel 2.6.20.15 Linux Linux Kernel 2.6.21 Linux Linux Kernel 2.6.22.3 Linux Linux Kernel 2.6.22.4 Linux Linux Kernel 2.6.22.5 Linux Linux Kernel 2.6.22.7 Linux Linux Kernel 2.6.23 Linux Linux Kernel 2.6.23.4 Linux Linux Kernel 2.6.23.5 Linux Linux Kernel 2.6.23.6 Linux Linux Kernel 2.6.23.7 Linux Linux Kernel 2.6.24	24
OS	Redhat Redhat Enterprise Linux 8.0 Redhat Enterprise Linux 9.0	2

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References