{"api_version":"1","generated_at":"2026-04-22T23:52:39+00:00","cve":"CVE-2023-5178","urls":{"html":"https://cve.report/CVE-2023-5178","api":"https://cve.report/api/cve/CVE-2023-5178.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-5178","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-5178"},"summary":{"title":"CVE-2023-5178","description":"A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation in case that the attacker already has local privileges.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2023-11-01 17:15:00","updated_at":"2024-04-03 14:15:00"},"problem_types":["CWE-416"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2023:7557","name":"RHSA-2023:7557","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0378","name":"RHSA-2024:0378","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0432","name":"RHSA-2024:0432","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:1278","name":"RHSA-2024:1278","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241924","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2241924","refsource":"MISC","tags":[],"title":"2241924 – (CVE-2023-5178) CVE-2023-5178 kernel: use after free in nvmet_tcp_free_crypto in NVMe","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2023:7551","name":"RHSA-2023:7551","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:1269","name":"RHSA-2024:1269","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://security.netapp.com/advisory/ntap-20231208-0004/","name":"https://security.netapp.com/advisory/ntap-20231208-0004/","refsource":"","tags":["Third Party Advisory"],"title":"CVE-2023-5178 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2023:7418","name":"RHSA-2023:7418","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/","name":"https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/","refsource":"MISC","tags":[],"title":"[PATCH] nvmet-tcp: Fix a possible UAF in queue intialization setup - Sagi Grimberg","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2023:7549","name":"RHSA-2023:7549","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2023:7554","name":"RHSA-2023:7554","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0554","name":"RHSA-2024:0554","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0412","name":"RHSA-2024:0412","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0386","name":"RHSA-2024:0386","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2023:7379","name":"RHSA-2023:7379","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0431","name":"RHSA-2024:0431","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:1268","name":"RHSA-2024:1268","refsource":"","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2024:0575","name":"RHSA-2024:0575","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0340","name":"RHSA-2024:0340","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2023-5178","name":"https://access.redhat.com/security/cve/CVE-2023-5178","refsource":"MISC","tags":[],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2023:7559","name":"RHSA-2023:7559","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2023:7548","name":"RHSA-2023:7548","refsource":"","tags":[],"title":"","mime":"","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2023:7370","name":"RHSA-2023:7370","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html","name":"https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html","refsource":"","tags":["Mailing List","Third Party Advisory"],"title":"[SECURITY] [DLA 3711-1] linux-5.10 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2024:0461","name":"RHSA-2024:0461","refsource":"","tags":[],"title":"Red Hat","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-5178","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-5178","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.6","cpe7":"rc1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.6","cpe7":"rc2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.6","cpe7":"rc3","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.6","cpe7":"rc4","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.6","cpe7":"rc5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"6.6","cpe7":"rc6","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_unified_manager","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware_vsphere","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"solidfire_\\&_hci_management_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"solidfire_\\&_hci_storage_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"5178","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-5178","qid":"161208","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2023-7549)"},{"cve":"CVE-2023-5178","qid":"161229","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-13044)"},{"cve":"CVE-2023-5178","qid":"161237","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-13043)"},{"cve":"CVE-2023-5178","qid":"161238","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2023-13049)"},{"cve":"CVE-2023-5178","qid":"161239","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2023-13048)"},{"cve":"CVE-2023-5178","qid":"161318","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2024-12094)"},{"cve":"CVE-2023-5178","qid":"161404","title":"Oracle Enterprise Linux Security Update for kernel (ELSA-2024-0461)"},{"cve":"CVE-2023-5178","qid":"199929","title":"Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6497-1)"},{"cve":"CVE-2023-5178","qid":"199976","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6534-1)"},{"cve":"CVE-2023-5178","qid":"199980","title":"Ubuntu Security Notification for Linux kernel Vulnerability (USN-6536-1)"},{"cve":"CVE-2023-5178","qid":"199982","title":"Ubuntu Security Notification for Linux kernel (GCP) Vulnerability (USN-6537-1)"},{"cve":"CVE-2023-5178","qid":"199996","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6549-1)"},{"cve":"CVE-2023-5178","qid":"199997","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6548-1)"},{"cve":"CVE-2023-5178","qid":"199999","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6548-2)"},{"cve":"CVE-2023-5178","qid":"200002","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6534-2)"},{"cve":"CVE-2023-5178","qid":"200003","title":"Ubuntu Security Notification for Linux kernel (GKE) Vulnerabilities (USN-6549-2)"},{"cve":"CVE-2023-5178","qid":"200006","title":"Ubuntu Security Notification for Linux kernel (Oracle) Vulnerabilities (USN-6548-3)"},{"cve":"CVE-2023-5178","qid":"200007","title":"Ubuntu Security Notification for Linux kernel (Low Latency) Vulnerabilities (USN-6549-3)"},{"cve":"CVE-2023-5178","qid":"200010","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6534-3)"},{"cve":"CVE-2023-5178","qid":"200024","title":"Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-6549-4)"},{"cve":"CVE-2023-5178","qid":"200035","title":"Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6549-5)"},{"cve":"CVE-2023-5178","qid":"200037","title":"Ubuntu Security Notification for Linux kernel (IoT) Vulnerabilities (USN-6548-5)"},{"cve":"CVE-2023-5178","qid":"200113","title":"Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-6635-1)"},{"cve":"CVE-2023-5178","qid":"242482","title":"Red Hat Update for kernel-rt (RHSA-2023:7379)"},{"cve":"CVE-2023-5178","qid":"242497","title":"Red Hat Update for kpatch-patch (RHSA-2023:7418)"},{"cve":"CVE-2023-5178","qid":"242515","title":"Red Hat Update for kernel (RHSA-2023:7557)"},{"cve":"CVE-2023-5178","qid":"242516","title":"Red Hat Update for kernel (RHSA-2023:7549)"},{"cve":"CVE-2023-5178","qid":"242522","title":"Red Hat Update for kpatch-patch (RHSA-2023:7554)"},{"cve":"CVE-2023-5178","qid":"242526","title":"Red Hat Update for kernel-rt (RHSA-2023:7548)"},{"cve":"CVE-2023-5178","qid":"242528","title":"Red Hat Update for kernel-rt (RHSA-2023:7551)"},{"cve":"CVE-2023-5178","qid":"242529","title":"Red Hat Update for kpatch-patch (RHSA-2023:7559)"},{"cve":"CVE-2023-5178","qid":"242612","title":"Red Hat Update for kernel security (RHSA-2023:7370)"},{"cve":"CVE-2023-5178","qid":"242727","title":"Red Hat Update for kpatch-patch (RHSA-2024:0340)"},{"cve":"CVE-2023-5178","qid":"242728","title":"Red Hat Update for kpatch-patch (RHSA-2024:0378)"},{"cve":"CVE-2023-5178","qid":"242738","title":"Red Hat Update for kpatch-patch (RHSA-2024:0386)"},{"cve":"CVE-2023-5178","qid":"242759","title":"Red Hat Update for kernel (RHSA-2024:0432)"},{"cve":"CVE-2023-5178","qid":"242769","title":"Red Hat Update for kpatch-patch (RHSA-2024:0554)"},{"cve":"CVE-2023-5178","qid":"242789","title":"Red Hat Update for kernel (RHSA-2024:0575)"},{"cve":"CVE-2023-5178","qid":"242839","title":"Red Hat Update for kernel (RHSA-2024:0461)"},{"cve":"CVE-2023-5178","qid":"242847","title":"Red Hat Update for kernel-rt (RHSA-2024:0431)"},{"cve":"CVE-2023-5178","qid":"242855","title":"Red Hat Update for kernel (RHSA-2024:0412)"},{"cve":"CVE-2023-5178","qid":"243055","title":"Red Hat Update for kernel (RHSA-2024:1268)"},{"cve":"CVE-2023-5178","qid":"243057","title":"Red Hat Update for kpatch-patch (RHSA-2024:1278)"},{"cve":"CVE-2023-5178","qid":"243058","title":"Red Hat Update for kernel-rt (RHSA-2024:1269)"},{"cve":"CVE-2023-5178","qid":"356572","title":"Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2023-040"},{"cve":"CVE-2023-5178","qid":"379614","title":"Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2024:0017)"},{"cve":"CVE-2023-5178","qid":"6000419","title":"Debian Security Update for linux (DSA 5594-1)"},{"cve":"CVE-2023-5178","qid":"6000428","title":"Debian Security Update for linux-5.10 (DLA 3711-1)"},{"cve":"CVE-2023-5178","qid":"673595","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-3247)"},{"cve":"CVE-2023-5178","qid":"673692","title":"EulerOS Security Update for kernel (EulerOS-SA-2023-3275)"},{"cve":"CVE-2023-5178","qid":"673714","title":"EulerOS Security Update for kernel (EulerOS-SA-2024-1196)"},{"cve":"CVE-2023-5178","qid":"755238","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4378-1)"},{"cve":"CVE-2023-5178","qid":"755240","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4375-1)"},{"cve":"CVE-2023-5178","qid":"755249","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2023:4414-1)"},{"cve":"CVE-2023-5178","qid":"755563","title":"SUSE Security Update for the linux kernel (SUSE-SU-2023:4351-1)"},{"cve":"CVE-2023-5178","qid":"755566","title":"SUSE Security Update for the linux kernel (SUSE-SU-2023:4345-1)"},{"cve":"CVE-2023-5178","qid":"755567","title":"SUSE Security Update for the linux kernel (SUSE-SU-2023:4343-1)"},{"cve":"CVE-2023-5178","qid":"755706","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP4) (SUSE-SU-2024:0331-1)"},{"cve":"CVE-2023-5178","qid":"755709","title":"SUSE Enterprise Linux Security Update for the Linux Kernel RT (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:0348-1)"},{"cve":"CVE-2023-5178","qid":"755714","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 3 for SLE 15 SP5) (SUSE-SU-2024:0352-1)"},{"cve":"CVE-2023-5178","qid":"755715","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:0378-1)"},{"cve":"CVE-2023-5178","qid":"755718","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) (SUSE-SU-2024:0395-1)"},{"cve":"CVE-2023-5178","qid":"755726","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 8 for SLE 15 SP4) (SUSE-SU-2024:0414-1)"},{"cve":"CVE-2023-5178","qid":"755728","title":"SUSE Enterprise Linux Security Update for the Linux Kernel (Live Patch 7 for SLE 15 SP4) (SUSE-SU-2024:0421-1)"},{"cve":"CVE-2023-5178","qid":"907626","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for hyperv-daemons (31777-1)"},{"cve":"CVE-2023-5178","qid":"907632","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (31852)"},{"cve":"CVE-2023-5178","qid":"907677","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for kernel (31852-1)"},{"cve":"CVE-2023-5178","qid":"941482","title":"AlmaLinux Security Update for kernel (ALSA-2023:7549)"},{"cve":"CVE-2023-5178","qid":"961087","title":"Rocky Linux Security Update for kernel-rt (RLSA-2023:7548)"},{"cve":"CVE-2023-5178","qid":"961089","title":"Rocky Linux Security Update for kernel (RLSA-2023:7549)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-5178","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation in case that the attacker already has local privileges."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Use After Free","cweId":"CWE-416"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"Kernel","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"6.6-rc7","status":"unaffected"}]}}]}}]}},{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"Red Hat Enterprise Linux 6","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 7","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 8","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}},{"product_name":"Red Hat Enterprise Linux 9","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}},{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}},{"vendor_name":"Fedora","product":{"product_data":[{"product_name":"Fedora","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://access.redhat.com/security/cve/CVE-2023-5178","refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2023-5178"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241924","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2241924"},{"url":"https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/","refsource":"MISC","name":"https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/"}]},"work_around":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}]}},"nvd":{"publishedDate":"2023-11-01 17:15:00","lastModifiedDate":"2024-04-03 14:15:00","problem_types":["CWE-416"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"},"exploitabilityScore":3.9,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}