CVE-2023-20588

Published: 08/08/2023 Updated: 01/04/2024
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. (CVE-2023-20588)

A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. (CVE-2023-3390)

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. (CVE-2023-4004)

A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local malicious user to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. (CVE-2023-4128)

netfilter: nf_tables: disallow rule addition to bound chain via NFTA_RULE_CHAIN_ID (CVE-2023-4147)

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. (CVE-2023-4273)

Vulnerable Product

debian debian linux 10.0

debian debian linux 11.0

debian debian linux 12.0

amd epyc_7351p_firmware -

amd epyc_7401p_firmware -

amd epyc_7551p_firmware -

amd epyc_7251_firmware -

amd epyc_7261_firmware -

amd epyc_7281_firmware -

amd epyc_7301_firmware -

amd epyc_7351_firmware -

amd epyc_7371_firmware -

amd epyc_7401_firmware -

amd epyc_7451_firmware -

amd epyc_7501_firmware -

amd epyc_7551_firmware -

amd epyc_7571_firmware -

amd epyc_7601_firmware -

amd ryzen_5_pro_3400g_firmware -

amd ryzen_5_3400g_firmware -

amd ryzen_5_pro_3400ge_firmware -

amd ryzen_5_pro_3350g_firmware -

amd ryzen_5_pro_3350ge_firmware -

amd ryzen_3_pro_3200g_firmware -

amd ryzen_3_3200g_firmware -

amd ryzen_3_3200ge_firmware -

amd ryzen_3_pro_3200ge_firmware -

amd athlon_pro_300ge_firmware -

amd athlon_gold_3150ge_firmware -

amd athlon_gold_pro_3150ge_firmware -

amd athlon_gold_3150g_firmware -

amd athlon_gold_pro_3150g_firmware -

amd athlon_silver_3050ge_firmware -

amd athlon_silver_pro_3125ge_firmware -

xen xen -

fedoraproject fedora 37

fedoraproject fedora 38

fedoraproject fedora 39

microsoft windows server 2008 r2

microsoft windows server 2012 r2

microsoft windows server 2008 -

microsoft windows server 2012 -

microsoft windows 10 1809

microsoft windows 11 21h2

microsoft windows 11 22h2

microsoft windows 10 22h2

microsoft windows 11 23h2

microsoft windows 10 1507

microsoft windows 10 1607

microsoft windows server 2022 23h2

microsoft windows server 2019

microsoft windows server 2016

microsoft windows 10 21h2

Vendor Advisories

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2022-4269: William Zhao discovered that a flaw in the Traffic Control (TC) subsystem when using a specific networking configuration (redirecting egress packets to ingress using TC action m ...
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2023-1206: It was discovered that the networking stack permits attackers to force hash collisions in the IPv6 connection lookup table, which may result in denial of service (significant in ...
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality (CVE-2023-20588) ...
Description: A division-by-zero error was found on some AMD processors, which can potentially return speculative data, resulting in loss of confidentiality ...
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality (CVE-2023-20588). A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer ...
A Gather Data Sampling (GDS) transient execution side-channel vulnerability was found affecting certain Intel processors. This issue may allow a local attacker using gather instruction (load from memory) to infer stale data from previously used vector registers on the same physical core (CVE-2022-40982). A division-by-zero error on some AMD process ...
Description of Problem: Several issues have been discovered that affect Citrix Hypervisor 8.2 CU1 LTSR and may allow malicious privileged code in a guest VM to: i) Compromise an AMD-based host via a passed through PCI device: CVE-2023-34326 ii) Compromise the host when a specific administrative action is taken (see Mitigating Factors below ...

Recent Articles

Final Patch Tuesday of 2023 goes out with a bang
The Register

Microsoft fixed 36 flaws. Adobe addressed 212. Apple, Google, Cisco, VMware and Atlassian joined the party

It's the last Patch Tuesday of 2023, which calls for celebration – just as soon as you update Windows, Adobe, Google, Cisco, FortiGuard, SAP, VMware, Atlassian and Apple products, of course. Let's start with Apple, since two of the bugs Cupertino disclosed yesterday may have already been used for evil purposes.  While the fruit cart's December release fixes all the iThings, there's two especially concerning vulnerabilities in the WebKit (again) web browser engine that affect AppleTVs...

References

CWE-369
https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007
https://www.debian.org/security/2023/dsa-5480
https://www.debian.org/security/2023/dsa-5492
http://www.openwall.com/lists/oss-security/2023/09/25/3
http://xenbits.xen.org/xsa/advisory-439.html
http://www.openwall.com/lists/oss-security/2023/09/25/4
http://www.openwall.com/lists/oss-security/2023/09/25/8
http://www.openwall.com/lists/oss-security/2023/09/25/5
http://www.openwall.com/lists/oss-security/2023/09/25/7
http://www.openwall.com/lists/oss-security/2023/09/26/8
http://www.openwall.com/lists/oss-security/2023/09/26/9
http://www.openwall.com/lists/oss-security/2023/09/27/1
http://www.openwall.com/lists/oss-security/2023/09/26/5
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/
http://www.openwall.com/lists/oss-security/2023/10/03/9
http://www.openwall.com/lists/oss-security/2023/10/03/12
http://www.openwall.com/lists/oss-security/2023/10/03/15
http://www.openwall.com/lists/oss-security/2023/10/03/14
http://www.openwall.com/lists/oss-security/2023/10/03/13
http://www.openwall.com/lists/oss-security/2023/10/03/16
http://www.openwall.com/lists/oss-security/2023/10/04/1
http://www.openwall.com/lists/oss-security/2023/10/04/2
http://www.openwall.com/lists/oss-security/2023/10/04/3
http://www.openwall.com/lists/oss-security/2023/10/04/4
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
https://nvd.nist.gov
https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2023-039.html