CVE-2023-6176

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-6176

Severity

4.7

Medium

CVSS V3

Description

A null pointer dereference flaw was found in the Linux kernel API for the cryptographic algorithm scatterwalk functionality. This issue occurs when a user constructs a malicious packet with specific socket configuration, which could allow a local user to crash the system or escalate their privileges on the system.

References

https://images.chainguard.dev/security/CGA-xq6c-4jjc-77j5
https://github.com/advisories/GHSA-fq9v-vwjc-pv76
https://images.chainguard.dev/security/CGA-4w2q-v5wh-cq2x
https://images.chainguard.dev/security/CGA-w8r4-3qrp-q4vx
https://images.chainguard.dev/security/CGA-7jg4-c46p-2f57
https://images.chainguard.dev/security/CGA-vxch-hfw3-vfm7
https://images.chainguard.dev/security/CGA-c8hj-vg5x-q85h
https://images.chainguard.dev/security/CGA-g329-pgwg-q44h
https://images.chainguard.dev/security/CGA-ww25-jvhp-gv3v
https://images.chainguard.dev/security/CGA-hgwc-q4w7-hc6q
https://images.chainguard.dev/security/CGA-g44g-3qh6-j5p4
https://access.redhat.com/errata/RHSA-2024:2394
https://access.redhat.com/errata/RHSA-2024:2950
https://access.redhat.com/errata/RHSA-2024:3138
https://access.redhat.com/security/cve/CVE-2023-6176
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cfaa80c91f6f99b9342b6557f0f0e1143e434066
https://bugzilla.redhat.com/show_bug.cgi?id=2219359
http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CVE-2023-6176

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company