A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00034.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Redhat
  • Codeready Linux Builder Eus
  • Codeready Linux Builder Eus For Power Little Endian Eus
  • Codeready Linux Builder For Arm64 Eus
  • Codeready Linux Builder For Ibm Z Systems Eus
  • Enterprise Linux
  • Enterprise Linux Eus
  • Enterprise Linux For Arm 64 Eus
  • Enterprise Linux For Ibm Z Systems Eus
  • Enterprise Linux For Power Little Endian Eus
  • Enterprise Linux For Real Time
  • Enterprise Linux For Real Time For Nfv
  • Enterprise Linux Server Aus
  • Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
  • Enterprise Linux Server Tus
  • Logging
  • Rhel Eus
  • Rhev Hypervisor
  • Virtualization Host

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:redhat:codeready_linux_builder_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:8.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-513.18.1.rt7.320.el8_9 cpe:/a:redhat:enterprise_linux:8::nfv RHSA-2024:0881 2024-02-20T00:00:00Z
kernel-0:4.18.0-513.18.1.el8_9 cpe:/o:redhat:enterprise_linux:8 RHSA-2024:0897 2024-02-20T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
kernel-0:4.18.0-372.91.1.el8_6 cpe:/o:redhat:rhel_eus:8.6 RHSA-2024:0724 2024-02-07T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
kernel-0:4.18.0-477.58.1.el8_8 cpe:/o:redhat:rhel_eus:8.8 RHSA-2024:3810 2024-06-11T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-362.24.1.el9_3 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:1248 2024-03-12T00:00:00Z
kernel-0:5.14.0-362.24.1.el9_3 cpe:/o:redhat:enterprise_linux:9 RHSA-2024:1248 2024-03-12T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
kernel-0:5.14.0-284.52.1.el9_2 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:0723 2024-02-07T00:00:00Z
kernel-rt-0:5.14.0-284.52.1.rt14.337.el9_2 cpe:/a:redhat:rhel_eus:9.2::nfv RHSA-2024:0725 2024-02-07T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8
kernel-0:4.18.0-372.91.1.el8_6 cpe:/o:redhat:rhev_hypervisor:4.4::el8 RHSA-2024:0724 2024-02-07T00:00:00Z
RHOL-5.8-RHEL-9
openshift-logging/cluster-logging-operator-bundle:v5.8.6-22 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/cluster-logging-rhel9-operator:v5.8.6-11 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch6-rhel9:v6.8.1-407 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch-operator-bundle:v5.8.6-19 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-479 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/elasticsearch-rhel9-operator:v5.8.6-7 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/eventrouter-rhel9:v0.4.0-247 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/fluentd-rhel9:v5.8.6-5 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-227 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/logging-curator5-rhel9:v5.8.1-470 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/logging-loki-rhel9:v2.9.6-14 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/logging-view-plugin-rhel9:v5.8.6-2 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/loki-operator-bundle:v5.8.6-24 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/loki-rhel9-operator:v5.8.6-10 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/lokistack-gateway-rhel9:v0.1.0-525 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/opa-openshift-rhel9:v0.1.0-224 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z
openshift-logging/vector-rhel9:v0.28.1-56 cpe:/a:redhat:logging:5.8::el9 RHSA-2024:2094 2024-05-01T00:00:00Z

No data.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-3841-1 linux-5.10 security update
EUVD EUVD EUVD-2023-58767 A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
Ubuntu USN Ubuntu USN USN-6818-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6818-2 Linux kernel (ARM laptop) vulnerabilities
Ubuntu USN Ubuntu USN USN-6818-3 Linux kernel (NVIDIA) vulnerabilities
Ubuntu USN Ubuntu USN USN-6818-4 Linux kernel (HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-6819-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6819-2 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-6819-3 Linux kernel (OEM) vulnerabilities
Ubuntu USN Ubuntu USN USN-6819-4 Linux kernel (Oracle) vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

To mitigate this issue, prevent module nvmet-tcp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.

References
Link Providers
https://access.redhat.com/errata/RHSA-2024:0723 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0724 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0725 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0881 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:0897 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1248 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2094 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:3810 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2023-6536 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2254052 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-6536 cve-icon
https://security.netapp.com/advisory/ntap-20240415-0001/ cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-6536 cve-icon
History

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Fri, 15 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 27 Aug 2024 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Debian
Debian debian Linux
CPEs cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Vendors & Products Debian
Debian debian Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-25T19:22:04.484Z

Reserved: 2023-12-05T21:00:40.604Z

Link: CVE-2023-6536

cve-icon Vulnrichment

Updated: 2024-08-02T08:35:13.955Z

cve-icon NVD

Status : Modified

Published: 2024-02-07T21:15:08.733

Modified: 2024-11-21T08:44:03.303

Link: CVE-2023-6536

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-12-11T00:00:00Z

Links: CVE-2023-6536 - Bugzilla

cve-icon OpenCVE Enrichment

No data.