An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2024:2394 | |
https://access.redhat.com/errata/RHSA-2024:2950 | |
https://access.redhat.com/errata/RHSA-2024:3138 | |
https://access.redhat.com/security/cve/CVE-2023-6121 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2250043 | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Sep 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 May 2024, 17:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Apr 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Dec 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg). |
28 Nov 2023, 19:07
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-16 15:15
Updated : 2024-09-14 00:15
NVD link : CVE-2023-6121
Mitre link : CVE-2023-6121
CVE.ORG link : CVE-2023-6121
JSON object : View
Products Affected
redhat
- enterprise_linux
CWE
CWE-125
Out-of-bounds Read