CVE-2023-2166
CVSS V2 None
CVSS V3 None
Description
A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a denial of service.
Overview
- CVE ID
- CVE-2023-2166
- Assigner
- secalert@redhat.com
- Vulnerability Status
- Undergoing Analysis
- Published Version
- 2023-04-19T23:15:07
- Last Modified Date
- 2023-04-20T13:15:05
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://lore.kernel.org/lkml/CAO4mrfcV_07hbj8NUuZrA8FH-kaRsrFy-2metecpTuE5kKHn5w@mail.gmail.com/ |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-2166 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2166 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-20 00:01:06 | Added to TrackCVE | |||
| 2023-04-20 00:01:07 | Weakness Enumeration | new | ||
| 2023-04-20 14:02:07 | 2023-04-20T13:15:05 | CVE Modified Date | updated | |
| 2023-04-20 14:02:07 | Received | Awaiting Analysis | Vulnerability Status | updated |
| 2023-04-26 16:01:41 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |