CVE-2023-6040

An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

History

21 Nov 2024, 08:43

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html - Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html - Third Party Advisory, VDB Entry
References () http://www.openwall.com/lists/oss-security/2024/01/12/1 - Mailing List, Patch, Third Party Advisory () http://www.openwall.com/lists/oss-security/2024/01/12/1 - Mailing List, Patch, Third Party Advisory
References () https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040 - Third Party Advisory () https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040 - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html - Mailing List, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List, Third Party Advisory
References () https://www.openwall.com/lists/oss-security/2024/01/12/1 - Mailing List, Third Party Advisory () https://www.openwall.com/lists/oss-security/2024/01/12/1 - Mailing List, Third Party Advisory

27 Aug 2024, 15:15

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html - () http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html - Third Party Advisory, VDB Entry
References () https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html - () https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html - Mailing List, Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html - Mailing List, Third Party Advisory
First Time Debian
Debian debian Linux
CPE cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

27 Jun 2024, 13:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html -

25 Jun 2024, 21:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html -

08 Feb 2024, 16:15

Type Values Removed Values Added
References
  • () http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html -

22 Jan 2024, 16:00

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-12 02:15

Updated : 2024-11-21 08:43


NVD link : CVE-2023-6040

Mitre link : CVE-2023-6040

CVE.ORG link : CVE-2023-6040


JSON object : View

Products Affected

debian

  • debian_linux

linux

  • linux_kernel
CWE
CWE-125

Out-of-bounds Read