cbcvebase.
CVE-2023-7192
published 2024-01-02

CVE-2023-7192: A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local…

medium4.4CVSS 3.1
AVLACLPRHUINSUCNINAH
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.

Affected

19 ranges
VendorProductVersion rangeFixed in
debianlinux< linux 6.1.20-1 (bookworm)linux 6.1.20-1 (bookworm)
linuxlinux_kernel< 6.36.3
linuxlinux_kernel>= 0 < 5.10.178-15.10.178-1
linuxlinux_kernel>= 0 < 6.1.20-16.1.20-1
linuxlinux_kernel>= 0 < 6.1.20-16.1.20-1
linuxlinux_kernel>= 0 < 6.1.20-16.1.20-1
linuxlinux_kernel>= 0 < 4.4.0-251.2854.4.0-251.285
linuxlinux_kernel>= 0 < 4.4.0-256.2904.4.0-256.290
linuxlinux_kernel>= 0 < 4.15.0-222.2334.15.0-222.233
linuxlinux_kernel>= 0 < 4.15.0-226.2384.15.0-226.238
linuxlinux_kernel>= 0 < 5.4.0-172.1905.4.0-172.190
linuxlinux_kernel>= 0 < 5.4.0-189.2095.4.0-189.209
linuxlinux_kernel>= 0 < 5.15.0-97.1075.15.0-97.107
linuxlinux_kernel>= 0 < 5.15.0-116.1265.15.0-116.126
linuxlinux_kernel>= 0 < 6.8.0-36.366.8.0-36.36
msrccbl2_kernel_5.15.148.1-1_on_cbl_mariner_2.0
msrccbl2_kernel_5.15.180.1-1_on_cbl_mariner_2.0
redhatenterprise_linux
redhatenterprise_linux

CVSS provenance

nvdv3.14.4MEDIUMCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
osv7.8HIGH