CVE-2023-2860

Updated: 2024-11-30 02:34:09.270431

Description:

An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validation of user-supplied data, which can result in a read past the end of an allocated buffer. This flaw allows a privileged local user to disclose sensitive information on affected installations of the Linux kernel.


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | | 0 |
| CVSS Version 3.x | MEDIUM | 4.4 |

Status

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 4.4 | MEDIUM | Ignored | | 2023-11-08 04:07:10 | |
| AlmaLinux 9.2 FIPS | kernel | 5.14.0 | 4.4 | MEDIUM | Ignored | | 2023-11-21 04:11:46 | |
| CentOS 6 ELS | kernel | 2.6.32 | 4.4 | MEDIUM | Ignored | | 2023-08-04 05:05:48 | |
| CentOS 7 ELS | kernel | 3.10.0 | 4.4 | MEDIUM | Ignored | | 2023-09-19 05:07:16 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 4.4 | MEDIUM | Ignored | | 2023-08-04 05:05:48 | |
| CentOS 8.5 ELS | kernel | 4.18.0 | 4.4 | MEDIUM | Ignored | | 2023-08-04 05:05:48 | |
| CloudLinux 6 ELS | kernel | 2.6.32 | 4.4 | MEDIUM | Ignored | | 2023-08-04 05:05:48 | |
| Oracle Linux 6 ELS | kernel | 2.6.32 | 4.4 | MEDIUM | Ignored | | 2023-08-04 05:05:48 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 4.4 | MEDIUM | Ignored | | 2023-08-04 05:05:49 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 4.4 | MEDIUM | Ignored | | 2023-08-04 05:05:49 | |
Total: 11