Lucene search
HistoryJun 30, 2023 - 10:15 p.m.
CVE-2023-3338
linux
kernel
decnet
networking
protocol
vulnerability
cve-2023-3338
nvd
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.1%
A null pointer dereference flaw was found in the Linux kernel’s DECnet networking protocol. This issue could allow a remote user to crash the system.
Affected configurations
Node
linuxlinux_kernelRange<6.5
Node
netappactive_iq_unified_managerMatch-vsphere
Node
debiandebian_linuxMatch10.0
ORdebiandebian_linuxMatch11.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux:linux_kernel | linux linux kernel | lt | 6.5 |
CNA Affected
[
{
"product": "kernel",
"vendor": "n/a",
"versions": [
{
"version": "6.5-rc1",
"status": "unaffected"
}
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 6",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kernel-rt",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"product": "Fedora",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "kernel",
"defaultStatus": "affected"
}
]References
access.redhat.com/security/cve/CVE-2023-3338
bugzilla.redhat.com/show_bug.cgi?id=2218618
lists.debian.org/debian-lts-announce/2023/07/msg00030.html
lists.debian.org/debian-lts-announce/2023/10/msg00027.html
seclists.org/oss-sec/2023/q2/276
security.netapp.com/advisory/ntap-20230824-0005/
www.debian.org/security/2023/dsa-5480
Related
cbl_mariner
cbl_mariner
redhatcve
redhatcve
CVE-2023-3338
2023-06-29 17:17:11
prion
prion
Null pointer dereference
2023-06-30 22:15:00
osv
osv
CVE-2023-3338
2023-06-30 22:15:10
linux-hwe-5.15, linux-oracle-5.15 vulnerabilities
2023-10-06 13:13:53
githubexploit
githubexploit
Exploit for NULL Pointer Dereference in Linux Linux Kernel
2023-06-29 10:12:18
Exploit for NULL Pointer Dereference in Linux Linux Kernel
2023-06-29 10:12:18
ubuntucve
ubuntucve
CVE-2023-3338
2023-06-30 00:00:00
cvelist
cvelist
debiancve
debiancve
CVE-2023-3338
2023-06-30 22:15:10
nvd
nvd
CVE-2023-3338
2023-06-30 22:15:10
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0238)
2023-07-20 00:00:00
Mageia: Security Advisory (MGASA-2023-0237)
2023-07-20 00:00:00
Ubuntu: Security Advisory (USN-6417-1)
2023-10-05 00:00:00
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2023-07-19 22:53:31
Updated kernel packages fix security vulnerabilities
2023-07-19 22:53:31
photon
photon
Important Photon OS Security Update - PHSA-2023-3.0-0621
2023-07-29 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2023-10-04 00:00:00
Linux kernel vulnerabilities
2023-10-04 00:00:00
Linux kernel vulnerabilities
2023-10-06 00:00:00
nessus
nessus
Ubuntu 18.04 ESM / 20.04 LTS : Linux kernel vulnerabilities (USN-6417-1)
2023-10-05 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6416-1)
2023-10-04 00:00:00
Ubuntu 22.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-6416-3)
2023-10-19 00:00:00
debian
debian
[SECURITY] [DLA 3508-1] linux security update
2023-07-27 19:06:07
[SECURITY] [DSA 5480-1] linux security update
2023-08-18 19:01:58
[SECURITY] [DLA 3623-1] linux-5.10 security update
2023-10-19 21:24:05
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2023-11-21 21:37:49
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
79.1%
Related for CVE-2023-3338