CVE-2023-6536

Kernel: null pointer dereference in __nvmet_req_complete

Published: 2/7/2024 Last updated: 11/15/2024 Reserved: 12/5/2023

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	6.5	Medium	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Opam packages affected (27)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes orun rawlink rawlink-eio rawlink-lwt shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (29)

Product	Vendor	Version
Red Hat Enterprise Linux 6	Red Hat	4.12
Red Hat Enterprise Linux 8	Red Hat	QCA8075
Red Hat Enterprise Linux 8.6 Extended Update Support	Red Hat	S4FND 104
Red Hat Enterprise Linux 8.8 Extended Update Support	Red Hat	S4FND 106
Red Hat Enterprise Linux 9	Red Hat	QCA8386
Red Hat Enterprise Linux 9	Red Hat	WEBCUIF 747
Red Hat Enterprise Linux 9.2 Extended Update Support	Red Hat	n/a
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8	Red Hat	< 10.0.26100.3194
Red Hat Enterprise Linux 7	Red Hat	< 4.12
Red Hat Enterprise Linux 8	Red Hat	SAPSCORE 129
Red Hat Enterprise Linux 7	Red Hat	QCS410
Red Hat Enterprise Linux 9	Red Hat	12.1.2.15332
RHOL-5.8-RHEL-9	Red Hat	< 23311b92755ffa9087332d1bb8c71c0f6a10cc08
RHOL-5.8-RHEL-9	Red Hat	< publication
RHOL-5.8-RHEL-9	Red Hat	QCN5122
RHOL-5.8-RHEL-9	Red Hat	< 5.13
RHOL-5.8-RHEL-9	Red Hat	<= 5.15.*
RHOL-5.8-RHEL-9	Red Hat	5.0.0
RHOL-5.8-RHEL-9	Red Hat	QCN6023
RHOL-5.8-RHEL-9	Red Hat	< publication
RHOL-5.8-RHEL-9	Red Hat	< publication
RHOL-5.8-RHEL-9	Red Hat	< 8b9f60725d74b72c238e4437c957d0217746b506
RHOL-5.8-RHEL-9	Red Hat	<= 0.13.6
RHOL-5.8-RHEL-9	Red Hat	>= 8.1.0, < 8.1.6
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	< 10.0.18363.1734
RHOL-5.8-RHEL-9	Red Hat	QCN9100

References (22)

Credits (1)

Red Hat would like to thank Alon Zahavi for reporting this issue.