A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 13 Sep 2024 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-26T02:52:27.026Z
Reserved: 2023-09-25T16:38:10.637Z
Link: CVE-2023-5178

No data.

Status : Modified
Published: 2023-11-01T17:15:11.920
Modified: 2024-11-21T08:41:14.480
Link: CVE-2023-5178


No data.