CVE-2023-6622

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 8, 2023

Updated: May 22, 2024

CWE ID 476

Summary

CVE-2023-6622 is a null pointer dereference vulnerability identified in the function nft_dynset_init() within net/netfilter/nft_dynset.c of the Linux kernel. This issue poses a denial-of-service threat to local attackers with CAP_NET_ADMIN privileges, who can exploit this flaw and trigger the vulnerability. The null pointer dereference can lead to memory corruption and potential system instability, potentially causing services to crash or become unresponsive. Users are advised to apply the appropriate patch or update to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tvEPPM
https://www.cve.org/CVERecord?id=CVE-2023-6622
https://nvd.nist.gov/vuln/detail/CVE-2023-6622

Back to Vulnerability Database

CVE-2023-6622

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations