Executive Summary

Informations
Name CVE-2023-28466 First vendor Publication 2023-03-16
Vendor Cve Last vendor Modification 2023-11-09

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 7
Base Score 7 Environmental Score 7
impact SubScore 5.9 Temporal Score 7
Exploitabality Sub Score 1
 
Attack Vector Local Attack Complexity High
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28466

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-476 NULL Pointer Dereference

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 8
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Hardware 1
Os 1
Os 3522

Sources (Detail)

Source Url
CONFIRM https://security.netapp.com/advisory/ntap-20230427-0006/
MISC https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=...
MLIST https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
Date Informations
2024-03-12 13:36:28
  • Multiple Updates
2024-02-02 02:44:42
  • Multiple Updates
2024-02-01 12:29:52
  • Multiple Updates
2024-01-12 02:36:35
  • Multiple Updates
2023-12-29 02:34:03
  • Multiple Updates
2023-11-22 02:33:16
  • Multiple Updates
2023-11-09 17:29:36
  • Multiple Updates
2023-09-29 13:27:24
  • Multiple Updates
2023-09-05 13:40:08
  • Multiple Updates
2023-09-05 01:29:05
  • Multiple Updates
2023-09-02 13:38:20
  • Multiple Updates
2023-09-02 01:29:32
  • Multiple Updates
2023-08-19 00:27:47
  • Multiple Updates
2023-08-12 13:43:44
  • Multiple Updates
2023-08-12 01:28:47
  • Multiple Updates
2023-08-11 13:35:07
  • Multiple Updates
2023-08-11 01:29:39
  • Multiple Updates
2023-08-06 13:32:21
  • Multiple Updates
2023-08-06 01:28:25
  • Multiple Updates
2023-08-04 13:32:48
  • Multiple Updates
2023-08-04 01:28:50
  • Multiple Updates
2023-08-02 13:21:43
  • Multiple Updates
2023-07-14 13:32:37
  • Multiple Updates
2023-07-14 01:28:27
  • Multiple Updates
2023-06-06 13:20:55
  • Multiple Updates
2023-05-17 13:13:41
  • Multiple Updates
2023-05-03 09:27:25
  • Multiple Updates
2023-05-02 21:27:28
  • Multiple Updates
2023-04-27 21:27:32
  • Multiple Updates
2023-04-13 02:17:14
  • Multiple Updates
2023-04-07 13:14:41
  • Multiple Updates
2023-03-30 13:12:23
  • Multiple Updates
2023-03-28 13:27:25
  • Multiple Updates
2023-03-28 12:27:54
  • Multiple Updates
2023-03-25 00:27:25
  • Multiple Updates
2023-03-24 17:27:25
  • Multiple Updates
2023-03-21 21:27:14
  • Multiple Updates
2023-03-17 02:16:05
  • Multiple Updates
2023-03-17 02:16:04
  • Multiple Updates
2023-03-16 17:27:16
  • Multiple Updates
2023-03-16 09:27:15
  • First insertion