RedhatCVELIST:CVE-2023-2162

HistoryApr 19, 2023 - 12:00 a.m.

CVE-2023-2162

2023-04-1900:00:00

CWE-416

redhat

www.cve.org

vulnerability

linux kernel

iscsi_sw_tcp_session_create

drivers

scsi

iscsi_tcp.c

scsi

attacker

kernel internal information

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

JSON

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Kernel",
    "versions": [
      {
        "version": "Linux Kernel version prior to Kernel 6.2 RC6",
        "status": "affected"
      }
    ]
  }
]

References

lists.debian.org/debian-lts-announce/2023/05/msg00005.html

lists.debian.org/debian-lts-announce/2023/05/msg00006.html

CVE-2023-2162

CNA Affected

References

Related