CVE-2023-39197

Updated: 2024-08-27 21:42:13.124216

Description:

An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU kernel 5.14.0 7.5 HIGH Released CLSA-2024:1712263970 2024-04-07 09:53:55
AlmaLinux 9.2 FIPS kernel 5.14.0 7.5 HIGH Released CLSA-2024:1712570434 2024-04-08 10:41:15
CentOS 6 ELS kernel 2.6.32 7.5 HIGH Released CLSA-2024:1728297376 2024-10-25 01:27:50
CentOS 7 ELS kernel 3.10.0 7.5 HIGH Released CLSA-2024:1720468480 2024-07-23 17:23:37
CentOS 8.4 ELS kernel 4.18.0 7.5 HIGH Released CLSA-2024:1711026398 2024-03-21 09:52:07
CentOS 8.5 ELS kernel 4.18.0 7.5 HIGH Released CLSA-2024:1711026811 2024-03-21 09:52:08
CloudLinux 6 ELS kernel 2.6.32 7.5 HIGH Ignored 2024-10-09 04:04:57
Oracle Linux 6 ELS kernel 2.6.32 7.5 HIGH Released CLSA-2024:1728298943 2024-10-07 11:08:55
Ubuntu 16.04 ELS linux 4.4.0 7.5 HIGH Released CLSA-2024:1710945589 2024-03-20 11:09:09
Ubuntu 16.04 ELS linux-hwe 4.15.0 7.5 HIGH Released CLSA-2024:1710946064 2024-03-20 11:09:08
Total: 11