Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2023-6176
HistoryNov 16, 2023 - 12:00 a.m.

CVE-2023-6176

2023-11-1600:00:00
ubuntu.com
ubuntu.com
21
cve-2023-6176
linux kernel
cryptographic algorithm scatterwalk
null pointer dereference
privilege escalation

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A null pointer dereference flaw was found in the Linux kernel API for the
cryptographic algorithm scatterwalk functionality. This issue occurs when a
user constructs a malicious packet with specific socket configuration,
which could allow a local user to crash the system or escalate their
privileges on the system.

Bugs

Notes

Author Note
Priority reason: Possible privilege escalation issue
OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux< 5.4.0-169.187UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-94.104UNKNOWN
ubuntu23.10noarchlinux< 6.5.0-17.17UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1116.126UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1053.58UNKNOWN
ubuntu23.10noarchlinux-aws< 6.5.0-1013.13UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1053.58~20.04.1UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1116.126~18.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1121.128UNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1056.64UNKNOWN
Rows per page:
1-10 of 601

References

Related

prion 1
redhatcve 1
cve 1
cvelist 1
nvd 1
debiancve 1
nessus 46
openvas 26
ubuntu 14
osv 16
mageia 2
redhat 4
rocky 2
ibm 2
oraclelinux 2
prion
prion
Null pointer dereference
2023-11-16 18:15:00
redhatcve
redhatcve
CVE-2023-6176
2023-11-16 13:45:11
cve
cve
CVE-2023-6176
2023-11-16 18:15:07
cvelist
cvelist
CVE-2023-6176 Kernel: local dos vulnerability in scatterwalk_copychunks
2023-11-16 17:15:44
nvd
nvd
CVE-2023-6176
2023-11-16 18:15:07
debiancve
debiancve
CVE-2023-6176
2023-11-16 18:15:07
nessus
nessus
SUSE SLES15 Security Update : kernel (Live Patch 33 for SLE 15 SP2) (SUSE-SU-2024:0389-1)
2024-02-07 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 30 for SLE 15 SP3) (SUSE-SU-2024:0411-1)
2024-02-07 00:00:00
SUSE SLES15 Security Update : kernel (Live Patch 20 for SLE 15 SP4) (SUSE-SU-2024:0428-1)
2024-02-09 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (Live Patch 35 for SLE 15 SP3) (SUSE-SU-2024:0411-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for the Linux Kernel (Live Patch 20 for SLE 15 SP4) (SUSE-SU-2024:0428-1)
2024-03-04 00:00:00
openSUSE: Security Advisory for the Linux Kernel (Live Patch 7 for SLE 15 SP4) (SUSE-SU-2024:0421-1)
2024-03-04 00:00:00
ubuntu
ubuntu
Kernel Live Patch Security Notice
2024-02-07 00:00:00
Kernel Live Patch Security Notice
2024-04-03 00:00:00
Linux kernel vulnerabilities
2024-02-07 00:00:00
osv
osv
linux, linux-aws, linux-gcp, linux-hwe-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive vulnerabilities
2024-02-07 20:16:40
linux-gkeop vulnerabilities
2024-01-09 18:41:28
linux-oracle vulnerabilities
2023-12-13 14:09:42
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2023-11-30 01:29:41
Updated kernel packages fix security vulnerabilities and other bugs
2023-11-28 20:12:52
redhat
redhat
(RHSA-2024:2950) Moderate: kernel-rt security and bug fix update
2024-05-22 06:35:10
(RHSA-2024:3138) Moderate: kernel security, bug fix, and enhancement update
2024-05-22 06:35:43
(RHSA-2024:2394) Important: kernel security, bug fix, and enhancement update
2024-04-30 06:15:35
rocky
rocky
kernel-rt security and bug fix update
2024-06-14 13:59:36
kernel security, bug fix, and enhancement update
2024-06-14 13:59:16
ibm
ibm
Security Bulletin: IBM QRadar SIEM contains multiple kernel vulnerabilities
2024-06-07 15:32:38
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-06-26 16:06:34
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2024-05-02 00:00:00
kernel security, bug fix, and enhancement update
2024-05-23 00:00:00

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for UB:CVE-2023-6176
prion1redhatcve1cve1cvelist1nvd1debiancve1nessus46openvas26ubuntu14osv16mageia2redhat4rocky2ibm2oraclelinux2