A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.
Fixes

Solution

No solution given by the vendor.


Workaround

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

History
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-26T02:52:27.026Z

Reserved: 2023-09-25T16:38:10.637Z

Link: CVE-2023-5178

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-01T17:15:11.920

Modified: 2024-11-21T08:41:14.480

Link: CVE-2023-5178

cve-icon Redhat

Severity : Important

Publid Date: 2023-10-15T00:00:00Z

Links: CVE-2023-5178 - Bugzilla

cve-icon OpenCVE Enrichment

No data.