CVE-2023-4459

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-4459
A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:0412
https://access.redhat.com/errata/RHSA-2024:1250
https://access.redhat.com/errata/RHSA-2024:1306
https://access.redhat.com/errata/RHSA-2024:1367
https://access.redhat.com/errata/RHSA-2024:1382
https://access.redhat.com/errata/RHSA-2024:2006
https://access.redhat.com/errata/RHSA-2024:2008
https://access.redhat.com/security/cve/CVE-2023-4459 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2219268 Issue Tracking Patch
https://github.com/torvalds/linux/commit/edf410cb74dc612fd47ef5be319c5a0bcd6e6ccd Patch
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
History

25 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2006 -
  • () https://access.redhat.com/errata/RHSA-2024:2008 -

19 Mar 2024, 17:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1382 -

19 Mar 2024, 05:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1367 -

13 Mar 2024, 15:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1306 -

12 Mar 2024, 04:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1250 -

25 Jan 2024, 20:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:0412 -

24 Aug 2023, 21:40

Type Values Removed Values Added
First Time Redhat
Redhat enterprise Linux
Linux linux Kernel
Linux
CWE CWE-476
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
References (MISC) https://github.com/torvalds/linux/commit/edf410cb74dc612fd47ef5be319c5a0bcd6e6ccd - (MISC) https://github.com/torvalds/linux/commit/edf410cb74dc612fd47ef5be319c5a0bcd6e6ccd - Patch
References (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2219268 - (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2219268 - Issue Tracking, Patch
References (MISC) https://access.redhat.com/security/cve/CVE-2023-4459 - (MISC) https://access.redhat.com/security/cve/CVE-2023-4459 - Third Party Advisory

22 Aug 2023, 12:41

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-21 19:15

Updated : 2024-04-25 14:15

NVD link : CVE-2023-4459

Mitre link : CVE-2023-4459

CVE.ORG link : CVE-2023-4459

JSON object : View

Products Affected

linux

  • linux_kernel

redhat

  • enterprise_linux
CWE
CWE-476

NULL Pointer Dereference


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024