vulnerability

CentOS Linux: CVE-2023-2176: Important: kernel security update (CESA-2024:0461)

Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Apr 20, 2023
Added
Jan 26, 2024
Modified
Jan 28, 2025

Description

A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.

Solution

centos-upgrade-kernel
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.