CVE-2023-2162: Use After Free

First published: Tue Apr 18 2023(Updated: )

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

Credit: secalert@redhat.com secalert@redhat.com

Affected Software	Affected Version	How to fix
Linux Linux kernel	<6.2
Linux Linux kernel	=6.2
Linux Linux kernel	=6.2-rc1
Linux Linux kernel	=6.2-rc2
Linux Linux kernel	=6.2-rc3
Linux Linux kernel	=6.2-rc4
Linux Linux kernel	=6.2-rc5
IBM QRadar SIEM	<=7.5 - 7.5.0 UP8 IF01
redhat/Kernel	<6.2	6.2
debian/linux		5.10.223-1 5.10.226-1 6.1.123-1 6.1.119-1 6.12.10-1

Remedy

https://www.spinics.net/lists/linux-scsi/msg181542.html

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7150684

collector/nvd-index
agent/type
collector/launchpad-cve
source/Launchpad
agent/author
agent/first-publish-date
agent/weakness
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/severity
collector/mitre-cve
source/MITRE
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2023-2162
collector/usn-cve
source/Ubuntu
agent/remedy
agent/references
agent/description
agent/event
agent/trending
agent/tags
collector/nvd-cve
source/NVD
agent/last-modified-date
collector/security-tracker-debian
source/Debian
agent/softwarecombine
agent/source
vendor/linux
canonical/linux linux kernel
version/linux linux kernel/6.2
version/linux linux kernel/6.2-rc1
version/linux linux kernel/6.2-rc2
version/linux linux kernel/6.2-rc3
version/linux linux kernel/6.2-rc4
version/linux linux kernel/6.2-rc5
vendor/ibm
canonical/ibm qradar siem
version/ibm qradar siem/7.5 - 7.5.0 up8 if01
package-manager/redhat
package-manager/debian

CVE-2023-2162: Use After Free

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact