admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-322xx/CVE-2023-32233.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

267 lines
8.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2023-32233",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-08T20:15:20.267",
"lastModified": "2023-09-28T19:07:11.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "4.14.315",
"matchCriteriaId": "7A2D2397-3B9A-44E9-BC19-9C562202EA30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.283",
"matchCriteriaId": "8AC1BC2D-A61C-4368-A3F6-50DF48E2EFC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.243",
"matchCriteriaId": "E54ACEF5-C8C1-4266-85FC-7D513FFD1DEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.180",
"matchCriteriaId": "78422AC3-CC89-479E-B4BC-62381D8F3564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.111",
"matchCriteriaId": "2B9DD776-7F17-4F72-B94F-54BFCBC692DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.28",
"matchCriteriaId": "08F855F4-7188-4EE1-BD79-D4B6C7E2EF54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.2.15",
"matchCriteriaId": "3844A90B-940D-46C3-8D7B-9FF63F1AFC2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3",
"versionEndExcluding": "6.3.2",
"matchCriteriaId": "38F6F330-91A0-4675-8B90-6F950471A7CC"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
"matchCriteriaId": "27227B35-932A-4035-B39F-6A455753C0D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
"matchCriteriaId": "489D20B9-166F-423D-8C48-A23D3026E33B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AD592C-222D-4C6F-B176-8145A1A5AFEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
"matchCriteriaId": "8603654B-A8A9-4DEB-B0DD-C82E1C885749"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
"matchCriteriaId": "C855C933-F271-45E6-8E85-8D7CF2EF1BE6"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/15/5",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196105",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c1592a89942e9678f7d9c8030efa777c0d57edab",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://github.com/torvalds/linux/commit/c1592a89942e9678f7d9c8030efa777c0d57edab",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00008.html",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://news.ycombinator.com/item?id=35879660",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230616-0002/",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5402",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/05/08/4",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink