CVE-2023-6535

{"id": "CVE-2023-6535", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2024-02-07T21:15:08.530", "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:0723", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0724", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0725", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0881", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0897", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:1248", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:2094", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:3810", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6535", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254053", "tags": ["Issue Tracking"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0723", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0724", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0725", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0881", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:0897", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:1248", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:2094", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2024:3810", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-6535", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254053", "tags": ["Issue Tracking"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/ZFYW6R64GPLUOXSQBJI3JBUX3HGLAYPP/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://security.netapp.com/advisory/ntap-20240415-0003/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en el controlador NVMe del kernel de Linux. Este problema puede permitir que un actor malicioso no autenticado env\u00ede un conjunto de paquetes TCP manipulados cuando usa NVMe sobre TCP, lo que lleva al controlador NVMe a una desreferencia del puntero NULL en el controlador NVMe, lo que provoca p\u00e1nico en el kernel y una denegaci\u00f3n de servicio."}], "lastModified": "2025-11-04T19:16:24.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8BE16CC2-C6B4-4B73-98A1-F28475A92F49"}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "936B046D-ADEB-4701-8957-AC28CFA9C5C9"}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78680986-99FE-4817-BF78-65D7164DFB19"}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "056DABF5-0C1D-4EBA-B02B-443BACB20D6F"}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02F08DBD-4BD0-408D-B817-04B2EB82137E"}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09AAD850-019A-46B8-A5A1-845DE048D30A"}, {"criteria": "cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86034E5B-BCDD-4AFD-A460-38E790F608F5"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37B7CE5C-BFEA-4F96-9759-D511EF189059"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A879F9F-F087-45D4-BD65-2990276477D2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B758EDC9-6421-422C-899E-A273D2936D8E"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26041661-0280-4544-AA0A-BC28FCED4699"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9C30C59-07F7-4CCE-B057-052ECCD36DB8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99952557-C766-4B9E-8BF5-DBBA194349FF"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73455AA0-6962-462D-8AA8-2C644BC9951F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD9E97F6-56E0-4C26-8F01-D57002917A6D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C138DAF-9769-43B0-A9E6-320738EB3415"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC6A25CB-907A-4D05-8460-A2488938A8BE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB28F9AF-3D06-4532-B397-96D7E4792503"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}