Vulnerability CVE-2023-6121: Information
Description
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).
Severity: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2023-6121 |
|
RHBZ#2250043 |
|
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html | |
RHSA-2024:2394 | |
RHSA-2024:2950 | |
RHSA-2024:3138 |