{ "threat_severity" : "Important", "public_date" : "2023-01-13T06:30:00Z", "bugzilla" : { "description" : "kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan", "id" : "2161713", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2161713" }, "cvss3" : { "cvss3_base_score" : "7.8", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-190", "details" : [ "A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution.", "A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-02-28T00:00:00Z", "advisory" : "RHSA-2023:0951", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-162.18.1.el9_1" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-02-28T00:00:00Z", "advisory" : "RHSA-2023:0979", "cpe" : "cpe:/a:redhat:enterprise_linux:9::nfv", "package" : "kernel-rt-0:5.14.0-162.18.1.rt21.181.el9_1" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-02-28T00:00:00Z", "advisory" : "RHSA-2023:0951", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-162.18.1.el9_1" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-02-28T00:00:00Z", "advisory" : "RHSA-2023:1008", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kpatch-patch" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date" : "2023-03-14T00:00:00Z", "advisory" : "RHSA-2023:1202", "cpe" : "cpe:/a:redhat:rhel_eus:9.0", "package" : "kernel-0:5.14.0-70.49.1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date" : "2023-03-14T00:00:00Z", "advisory" : "RHSA-2023:1203", "cpe" : "cpe:/a:redhat:rhel_eus:9.0::nfv", "package" : "kernel-rt-0:5.14.0-70.49.1.rt21.120.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Extended Update Support", "release_date" : "2023-03-23T00:00:00Z", "advisory" : "RHSA-2023:1435", "cpe" : "cpe:/o:redhat:rhel_eus:9.0", "package" : "kpatch-patch" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-0179\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0179\nhttps://seclists.org/oss-sec/2023/q1/20" ], "name" : "CVE-2023-0179", "mitigation" : { "value" : "This flaw can be mitigated by disabling unprivileged user namespaces will prevent exploitation:\n~~~\nsysctl -w kernel.unprivileged_userns_clone = 0\n~~~", "lang" : "en:us" }, "csaw" : false }