CVE-2023-3489
Published 2023-08-31
Priority: P3 · 41 · high · 7.5 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
EPSS: 0.30% (21.4th percentile)
The firmwaredownload command on Brocade Fabric OS v9.2.0 could log the FTP/SFTP/SCP server password in clear text in the SupportSave file when performing a downgrade from Fabric OS v9.2.0 to any earlier version of Fabric OS.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | fabric_operating_system | — | — |
| brocade | fabric_os | — | — |
| linux | linux_kernel | >= 4.12.0 < 4.14.316 | 4.14.316 |
| linux | linux_kernel | >= 4.15.0 < 4.19.284 | 4.19.284 |
| linux | linux_kernel | >= 4.20.0 < 5.4.244 | 5.4.244 |
| linux | linux_kernel | >= 5.11.0 < 5.15.113 | 5.15.113 |
| linux | linux_kernel | >= 5.16.0 < 6.1.30 | 6.1.30 |
| linux | linux_kernel | >= 5.5.0 < 5.10.181 | 5.10.181 |
| linux | linux_kernel | >= 6.2.0 < 6.3.4 | 6.3.4 |
CVSS provenance
nvd · v3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vendor_redhat · 3.3 LOW
OSV
net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
osv·2025-12-30
CVE-2023-54218 net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
In the Linux kernel, the following vulnerability has been resolved:
net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
KCSAN found a data race in sock_recv_cmsgs() where the read access
to sk->sk_stamp needs READ_ONCE().
BUG: KCSAN: data-race in packet_recvmsg / packet_recvmsg
write (marked) to 0xffff88803c81f258 of 8 bytes by task 19171 on cpu 0:
sock_write_timestamp include/net/sock.h:2670 [inline]
sock_recv_cmsgs include/net/sock.h:2722 [inline]
packet_recvmsg+0xb97/0xd00 net/packet/af_packet.c:3489
sock_recvmsg_nosec net/socket.c:1019 [inline]
sock_recvmsg+0x11a/0x130 net/socket.c:1040
sock_read_iter+0x176/0x220 net/socket.c:1118
call_read_iter include/linux/fs.h:1845 [inline]
new_sync_read fs/read_write.c:389 [i
GHSA
ghsa_unreviewed·2023-08-31
CVE-2023-3489 [HIGH] CWE-312 GHSA-qw3m-jfhw-49pg: The firmwaredownload command on Brocade Fabric OS v9
Red Hat
kernel: net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs()
vendor_redhat·2025-12-30·CVSS 3.3
CVE-2023-54218 [LOW] CWE-820 kernel: net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs()
Suricata
ET SCADA Rockwell RNA Message Large Header Length - 8Kb
suricata·2011-09-30
Rule: alert tcp any !443 -> $HOME_NET [1330,1331,1332,4241,4242,4445,4446,5241,6543,9111,60093,49281] (msg:"ET SCADA Rockwell RNA Message Large Header Length - 8Kb"; flow:established,to_server; content:"rna|f2|"; startswith; fast_pattern; byte_test:4,>,0x2000,0,relative,little; classtype:attempted-dos; sid:2049795; rev:5; metadata:attack_target ICS, created_at 2011_09_30, cve CVE_2011_3489, deployment Internal, confidence Medium, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2023_12_27, reviewed_at 2024_03_06, former_sid 2803783; target:dest_ip;)
No public exploits indexed.
No writeups or analysis indexed.
https://security.netapp.com/advisory/ntap-20231124-0003/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22510
Published: 2023-08-31