CVE-2023-42755

Published: 05/10/2023 Updated: 11/01/2024
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.

Vulnerable Product

linux linux kernel

redhat enterprise linux 8.0

debian debian linux 10.0

Vendor Advisories

A flaw was found in rsvp_change(). The root cause is a slab-out-of-bounds access, but since the offset to the original pointer is an `unsigned int` fully controlled by users, the behavior is usually a wild pointer access. (CVE-2023-42755) A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve l ...
Description: This CVE is under investigation by Red Hat Product Security ...