CVE-2023-6040
Description
Important: kernel security, bug fix, and enhancement update
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Description kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable() Red Hat statement This vulnerability can only be triggered locally and the attacker needs to be logged into the system. For these reasons, this flaw has been rated with a moderate severity. CVSS v3: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hatβ¦
Description
kernel: netfilter: nf_tables: out-of-bounds access in nf_tables_newtable()
Red Hat statement
This vulnerability can only be triggered locally and the attacker needs to be logged into the system. For these reasons, this flaw has been rated with a moderate severity.
CVSS v3: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10 | RHSA-2024:7001 | 2024-09-24T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-553.22.1.el8_10 | RHSA-2024:7000 | 2024-09-24T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.13.1.el9_4 | RHSA-2024:2394 | 2024-04-30T00:00:00Z |
| Red Hat Enterprise Linux 9 | kernel-0:5.14.0-427.13.1.el9_4 | RHSA-2024:2394 | 2024-04-30T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope |
| Red Hat Enterprise Linux 9 | kernel-rt | Affected |
Apply commands
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rtAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 9 | Affected |
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| β | Affected | β |
AlmaLinux Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | kernel-doc-5.14.0-427.13.1.el9_4.noarch.rpm |
| 8 | Fixed | kernel-abi-stablelists-4.18.0-553.22.1.el8_10.noarch.rpm |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 5.18.2-1 |
| sid | Fixed | 5.18.2-1 |
| forky | Fixed | 5.18.2-1 |
| bullseye | Fixed | 5.10.209-1 |
| bookworm | Fixed | 5.18.2-1 |
Red Hat Fixed 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 9 | Fixed | β |
| 8 | Fixed | β |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | β |
References
- https://access.redhat.com/errata/RHSA-2024:2394
- https://errata.rockylinux.org/RLSA-2024:7000
- https://errata.rockylinux.org/RLSA-2024:7001
- https://www.suse.com/security/cve/CVE-2023-6040.html
- https://security-tracker.debian.org/tracker/CVE-2023-6040
- https://access.redhat.com/errata/RHSA-2024:7000
- https://bugzilla.redhat.com/2258012
- https://bugzilla.redhat.com/2258013
- https://bugzilla.redhat.com/2260038
- https://bugzilla.redhat.com/2265799
- https://bugzilla.redhat.com/2265838
- https://bugzilla.redhat.com/2266358
- https://bugzilla.redhat.com/2266750
- https://bugzilla.redhat.com/2267036
- https://bugzilla.redhat.com/2267041
- https://bugzilla.redhat.com/2267795
- https://bugzilla.redhat.com/2267916
- https://bugzilla.redhat.com/2267925
- https://bugzilla.redhat.com/2268295
- https://bugzilla.redhat.com/2270103
- https://bugzilla.redhat.com/2271648
- https://bugzilla.redhat.com/2271796
- https://bugzilla.redhat.com/2272793
- https://bugzilla.redhat.com/2273141
- https://bugzilla.redhat.com/2273148
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.