CVE-2023-39192

CVSS 3.1 Score 6.0 of 10 (medium)

Details

Published Oct 9, 2023

Updated: May 22, 2024

CWE ID 125

Summary

CVE-2023-39192 is a vulnerability affecting the Netfilter subsystem in the Linux kernel. The xt_u32 module, which is part of this subsystem, was identified as having a flaw. Attackers with local privileged access can exploit this vulnerability by setting size fields beyond the array boundaries in the xt_u32 structure. This issue results in an out-of-bounds read, potentially causing a system crash or disclosing sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sHRoL3
https://www.cve.org/CVERecord?id=CVE-2023-39192
https://nvd.nist.gov/vuln/detail/CVE-2023-39192

Back to Vulnerability Database

CVE-2023-39192

CVSS 3.1 Score 6.0 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations