CVE-2023-28327
Summary
| CVE | CVE-2023-28327 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-04-19 23:15:00 UTC |
|---|
| Updated | 2023-04-29 03:12:00 UTC |
|---|
| Description | A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially cause a denial of service. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| 2177382 – (CVE-2023-28327) CVE-2023-28327 kernel: denial of service problem in net/unix/diag.c |
MISC |
bugzilla.redhat.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 181716 Debian Security Update for linux (CVE-2023-28327)
- 242154 Red Hat Update for kernel (RHSA-2023:5604)
- 242157 Red Hat Update for kernel-rt (RHSA-2023:5603)
- 378710 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0079)
- 379043 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2023:0136)
- 673121 EulerOS Security Update for kernel (EulerOS-SA-2023-2296)
- 673157 EulerOS Security Update for kernel (EulerOS-SA-2023-2272)
- 753902 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:1800-1)
- 753905 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:1811-1)
- 755851 SUSE Enterprise Linux Security Update for the linux kernel (SUSE-SU-2023:2646-1)
- 906900 Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (26339-1)
