Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2023-20588

Published: 08/08/2023 Updated: 10/06/2024
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. (CVE-2023-20588) A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. (CVE-2023-3390) A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. (CVE-2023-4004) A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local malicious user to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. (CVE-2023-4128) netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID (CVE-2023-4147) A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. (CVE-2023-4273)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

debian debian linux 10.0

debian debian linux 11.0

debian debian linux 12.0

amd epyc 7351p firmware -

amd epyc 7401p firmware -

amd epyc 7551p firmware -

amd epyc 7251 firmware -

amd epyc 7261 firmware -

amd epyc 7281 firmware -

amd epyc 7301 firmware -

amd epyc 7351 firmware -

amd epyc 7371 firmware -

amd epyc 7401 firmware -

amd epyc 7451 firmware -

amd epyc 7501 firmware -

amd epyc 7551 firmware -

amd epyc 7571 firmware -

amd epyc 7601 firmware -

amd ryzen 5 pro 3400g firmware -

amd ryzen 5 3400g firmware -

amd ryzen 5 pro 3400ge firmware -

amd ryzen 5 pro 3350g firmware -

amd ryzen 5 pro 3350ge firmware -

amd ryzen 3 pro 3200g firmware -

amd ryzen 3 3200g firmware -

amd ryzen 3 3200ge firmware -

amd ryzen 3 pro 3200ge firmware -

amd athlon pro 300ge firmware -

amd athlon gold 3150ge firmware -

amd athlon gold pro 3150ge firmware -

amd athlon gold 3150g firmware -

amd athlon gold pro 3150g firmware -

amd athlon silver 3050ge firmware -

amd athlon silver pro 3125ge firmware -

xen xen -

fedoraproject fedora 37

fedoraproject fedora 38

fedoraproject fedora 39

microsoft windows server 2008 r2

microsoft windows server 2012 r2

microsoft windows server 2008 -

microsoft windows server 2012 -

microsoft windows 10 1809

microsoft windows 11 21h2

microsoft windows 11 22h2

microsoft windows 10 22h2

microsoft windows 11 23h2

microsoft windows 10 1507

microsoft windows 10 1607

microsoft windows server 2022 23h2

microsoft windows server 2019

microsoft windows server 2016

microsoft windows 10 21h2

Vendor Advisories

Debian Security Advisories: DSA-5480-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2022-4269 William Zhao discovered that a flaw in the Traffic Control (TC) subsystem when using a specific networking configuration (redirecting egress packets to ingress using TC action m ...
Debian Security Advisories: DSA-5492-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2023-1206 It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result in denial of service (significant in ...
Amazon Linux AMI: ALAS-2023-1819
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality (CVE-2023-20588) ...
Red Hat:
Description<!---->A division-by-zero error was found on some AMD processors, which can potentially return speculative data, resulting in loss of confidentialityA division-by-zero error was found on some AMD processors, which can potentially return speculative data, resulting in loss of confidentiality ...
Amazon Linux 2: ALAS2KERNEL-5.4-2023-052
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality (CVE-2023-20588) ...
Amazon Linux 2: ALAS2KERNEL-5.10-2023-039
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality (CVE-2023-20588) A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_apic Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer ...
Amazon Linux 2: ALAS2KERNEL-5.15-2023-026
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core (CVE-2022-40982) A division-by-zero error on some AMD process ...
Amazon Linux 2: ALAS2-2023-2232
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality (CVE-2023-20588) ...
Citrix Security Bulletins: Citrix Hypervisor Multiple Security Updates
Description of Problem Several issues have been discovered that affect Citrix Hypervisor 82 CU1 LTSR and may allow malicious privileged code in a guest VM to:i)&nbsp; Compromise an AMD-based host via a passed through PCI device: CVE-2023-34326ii)&nbsp; Compromise the host when a specific administrative action is taken (see Mitigating Factors below ...

Recent Articles

Final Patch Tuesday of 2023 goes out with a bang
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Microsoft fixed 36 flaws. Adobe addressed 212. Apple, Google, Cisco, VMware and Atlassian joined the party

It's the last Patch Tuesday of 2023, which calls for celebration – just as soon as you update Windows, Adobe, Google, Cisco, FortiGuard, SAP, VMware, Atlassian and Apple products, of course. Let's start with Apple, since two of the bugs Cupertino disclosed yesterday may have already been used for evil purposes.  While the fruit cart's December release fixes all the iThings, there's two especially concerning vulnerabilities in the WebKit (again) web browser engine that affect AppleTVs...

Read more...

References

CWE-369https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007https://www.debian.org/security/2023/dsa-5480https://www.debian.org/security/2023/dsa-5492http://www.openwall.com/lists/oss-security/2023/09/25/3http://xenbits.xen.org/xsa/advisory-439.htmlhttp://www.openwall.com/lists/oss-security/2023/09/25/4http://www.openwall.com/lists/oss-security/2023/09/25/8http://www.openwall.com/lists/oss-security/2023/09/25/5http://www.openwall.com/lists/oss-security/2023/09/25/7http://www.openwall.com/lists/oss-security/2023/09/26/8http://www.openwall.com/lists/oss-security/2023/09/26/9http://www.openwall.com/lists/oss-security/2023/09/27/1http://www.openwall.com/lists/oss-security/2023/09/26/5https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/http://www.openwall.com/lists/oss-security/2023/10/03/9http://www.openwall.com/lists/oss-security/2023/10/03/12http://www.openwall.com/lists/oss-security/2023/10/03/15http://www.openwall.com/lists/oss-security/2023/10/03/14http://www.openwall.com/lists/oss-security/2023/10/03/13http://www.openwall.com/lists/oss-security/2023/10/03/16http://www.openwall.com/lists/oss-security/2023/10/04/1http://www.openwall.com/lists/oss-security/2023/10/04/2http://www.openwall.com/lists/oss-security/2023/10/04/3http://www.openwall.com/lists/oss-security/2023/10/04/4https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlhttps://security.netapp.com/advisory/ntap-20240531-0005/https://nvd.nist.govhttps://www.debian.org/security/2023/dsa-5480https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2023-039.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044client sideCVE-2021-47601deserializationCVE-2024-34994encryptionCVE-2021-47609CVE-2024-37079CVE-2024-38608
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook