Linux Kernel NVMe over TCP NULL ptr deref Kernel Panic/DoS
CVE-2023-6536 Published on February 7, 2024

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2023-6536 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Weakness Type

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.

Products Associated with CVE-2023-6536

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-6536 are published in these products:

Linux Kernel

Red Hat Enterprise Linux (RHEL)

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Server Tus

Red Hat Enterprise Linux Eus

Red Hat Codeready Linux Builder Eus

Red Hat Enterprise Linux Power Little Endian Eus

Red Hat Codeready Linux Builder Arm64 Eus

Red Hat Codeready Linux Builder Ibm Z Systems Eus

Red Hat Codeready Linux Builder Eus Power Little Endian Eus

Red Hat Enterprise Linux Server Power Little Endian Update Services Sap Solutions

Red Hat Enterprise Linux Arm 64 Eus

Red Hat Enterprise Linux Ibm Z Systems Eus

Red Hat Enterprise Linux Real Time Nfv

Red Hat Enterprise Linux For Real Time

Canonical Ubuntu Linux

Debian Linux

Red Hat Rhev Hypervisor

Red Hat Rhel Eus

Red Hat Logging

Affected Versions

Red Hat Enterprise Linux 8:

Version 0:4.18.0-513.18.1.rt7.320.el8_9 and below * is unaffected.

Red Hat Enterprise Linux 8:

Version 0:4.18.0-513.18.1.el8_9 and below * is unaffected.

Red Hat Enterprise Linux 8.6 Extended Update Support:

Version 0:4.18.0-372.91.1.el8_6 and below * is unaffected.

Red Hat Enterprise Linux 8.8 Extended Update Support:

Version 0:4.18.0-477.58.1.el8_8 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:5.14.0-362.24.1.el9_3 and below * is unaffected.

Red Hat Enterprise Linux 9:

Version 0:5.14.0-362.24.1.el9_3 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Extended Update Support:

Version 0:5.14.0-284.52.1.el9_2 and below * is unaffected.

Red Hat Enterprise Linux 9.2 Extended Update Support:

Version 0:5.14.0-284.52.1.rt14.337.el9_2 and below * is unaffected.

Red Hat Virtualization 4 for Red Hat Enterprise Linux 8:

Version 0:4.18.0-372.91.1.el8_6 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-22 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-11 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v6.8.1-407 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-19 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v1.0.0-479 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-7 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v0.4.0-247 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-5 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v1.1.0-227 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.1-470 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v2.9.6-14 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-2 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-24 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v5.8.6-10 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v0.1.0-525 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v0.1.0-224 and below * is unaffected.

Red Hat RHOL-5.8-RHEL-9:

Version v0.28.1-56 and below * is unaffected.

Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 7: Red Hat Enterprise Linux 9:

Exploit Probability

EPSS

0.02%

Percentile

5.68%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Linux Kernel NVMe over TCP NULL ptr deref Kernel Panic/DoSCVE-2023-6536 Published on February 7, 2024

Vulnerability Analysis

Weakness Type

NULL Pointer Dereference

Products Associated with CVE-2023-6536

Affected Versions

Exploit Probability

Linux Kernel NVMe over TCP NULL ptr deref Kernel Panic/DoS
CVE-2023-6536 Published on February 7, 2024