An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 08:43
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html - Third Party Advisory, VDB Entry | |
References | () http://www.openwall.com/lists/oss-security/2024/01/12/1 - Mailing List, Patch, Third Party Advisory | |
References | () https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040 - Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List, Third Party Advisory | |
References | () https://www.openwall.com/lists/oss-security/2024/01/12/1 - Mailing List, Third Party Advisory |
27 Aug 2024, 15:15
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html - Third Party Advisory, VDB Entry | |
References | () https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html - Mailing List, Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List, Third Party Advisory | |
First Time |
Debian
Debian debian Linux |
|
CPE | cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* |
27 Jun 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
25 Jun 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Feb 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Jan 2024, 16:00
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-12 02:15
Updated : 2024-11-21 08:43
NVD link : CVE-2023-6040
Mitre link : CVE-2023-6040
CVE.ORG link : CVE-2023-6040
JSON object : View
Products Affected
debian
- debian_linux
linux
- linux_kernel
CWE
CWE-125
Out-of-bounds Read