CVE-2023-3772
published 2023-07-25CVE-2023-3772: A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN…
medium4.4CVSS 3.1
AVLACLPRHUINSUCNINAH
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.
Affected
37 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 6.1.52-1 (bookworm) | linux 6.1.52-1 (bookworm) |
| linux | linux | — | — |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < ed1cba039309c80b49719fcff3e3d7cdddb73d96 | ed1cba039309c80b49719fcff3e3d7cdddb73d96 |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < 44f69c96f8a147413c23c68cda4d6fb5e23137cd | 44f69c96f8a147413c23c68cda4d6fb5e23137cd |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < 8046beb890ebc83c5820188c650073e1c6066e67 | 8046beb890ebc83c5820188c650073e1c6066e67 |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < bd30aa9c7febb6e709670cd5154194189ca3b7b5 | bd30aa9c7febb6e709670cd5154194189ca3b7b5 |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < 075448a2eb753f813fe873cfa52853e9fef8eedb | 075448a2eb753f813fe873cfa52853e9fef8eedb |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < 87b655f4936b6fc01f3658aa88a22c923b379ebd | 87b655f4936b6fc01f3658aa88a22c923b379ebd |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < 53df4be4f5221e90dc7aa9ce745a9a21bb7024f4 | 53df4be4f5221e90dc7aa9ce745a9a21bb7024f4 |
| linux | linux | >= d8647b79c3b7e223ac051439d165bc8e7bbb832f < 00374d9b6d9f932802b55181be9831aa948e5b7c | 00374d9b6d9f932802b55181be9831aa948e5b7c |
| linux | linux_kernel | — | — |
| linux | linux_kernel | >= 0 < 5.10.197-1 | 5.10.197-1 |
| linux | linux_kernel | >= 0 < 6.1.52-1 | 6.1.52-1 |
| linux | linux_kernel | >= 0 < 6.4.13-1 | 6.4.13-1 |
| linux | linux_kernel | >= 0 < 6.4.13-1 | 6.4.13-1 |
| linux | linux_kernel | >= 0 < 5.4.0-166.183 | 5.4.0-166.183 |
| linux | linux_kernel | >= 0 < 5.15.0-88.98 | 5.15.0-88.98 |
| linux | linux_kernel | >= 0 < 4.4.0-246.280 | 4.4.0-246.280 |
| linux | linux_kernel | >= 0 < 4.15.0-219.230 | 4.15.0-219.230 |
| linux | linux_kernel | >= 2.6.39 < 4.14.324 | 4.14.324 |
| linux | linux_kernel | >= 4.15 < 4.19.293 | 4.19.293 |
| linux | linux_kernel | >= 4.20 < 5.4.255 | 5.4.255 |
| linux | linux_kernel | >= 5.11 < 5.15.128 | 5.15.128 |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv9.8CRITICAL