CVE-2023-3106
A NULL pointer dereference vulnerability was found in netlink_dump. This issue can occur when the Netlink socket receives the message(sendmsg) for the XFRM_MSG_GETSA, XFRM_MSG_GETPOLICY type message, and the DUMP flag is set and can cause a denial of service or possibly another unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely.
| Software | From | Fixed in |
|---|---|---|
| linux / linux_kernel | 4.8-rc6 | 4.8-rc6.x |
| linux / linux_kernel | 4.8-rc5 | 4.8-rc5.x |
| linux / linux_kernel | 4.8-rc4 | 4.8-rc4.x |
| linux / linux_kernel | 4.8-rc3 | 4.8-rc3.x |
| linux / linux_kernel | 4.8-rc2 | 4.8-rc2.x |
| linux / linux_kernel | 4.8-rc1 | 4.8-rc1.x |
| fedoraproject / fedora | 38 | 38.x |
| linux / linux_kernel | 3.15 | 3.16.39 |
| linux / linux_kernel | 4.5 | 4.7.10 |
| linux / linux_kernel | 3.17 | 4.4.223 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime