CVE-2023-3106

2023-07-1200:00:00

ubuntu.com

null pointer dereference

netlink socket

denial of service

xfrm_msg_getsa

xfrm_msg_getpolicy

privilege escalation

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

A NULL pointer dereference vulnerability was found in netlink_dump. This
issue can occur when the Netlink socket receives the message(sendmsg) for
the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is
set and can cause a denial of service or possibly another unspecified
impact. Due to the nature of the flaw, privilege escalation cannot be fully
ruled out, although it is unlikely.

OSVersionArchitecturePackageVersionFilename
ubuntu16.04noarchlinux< 4.4.0-184.214UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1073.77UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1109.120UNKNOWN
ubuntu16.04noarchlinux-kvm< 4.4.0-1075.82UNKNOWN
ubuntu14.04noarchlinux-lts-xenial< 4.4.0-184.214~14.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	16.04	noarch	linux	< 4.4.0-184.214	UNKNOWN
ubuntu	14.04	noarch	linux-aws	< 4.4.0-1073.77	UNKNOWN
ubuntu	16.04	noarch	linux-aws	< 4.4.0-1109.120	UNKNOWN
ubuntu	16.04	noarch	linux-kvm	< 4.4.0-1075.82	UNKNOWN
ubuntu	14.04	noarch	linux-lts-xenial	< 4.4.0-184.214~14.04.1	UNKNOWN