{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T06:16:20.203","vulnerabilities":[{"cve":{"id":"CVE-2023-39194","sourceIdentifier":"secalert@redhat.com","published":"2023-10-09T18:15:10.367","lastModified":"2024-11-21T08:14:53.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure."},{"lang":"es","value":"Se encontró una falla en el subsistema XFRM del kernel de Linux. La falla específica existe en el procesamiento de filtros de estado, lo que puede resultar en una lectura más allá del final de un búfer asignado. Esta falla permite que un atacante local con privilegios (CAP_NET_ADMIN) active una lectura fuera de límites, lo que podría conducir a una divulgación de información."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N","baseScore":3.2,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"6.5","matchCriteriaId":"98C491C7-598A-4D36-BA4F-3505A5727ED1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*","matchCriteriaId":"0B3E6E4D-E24E-4630-B00C-8C9901C597B0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*","matchCriteriaId":"E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*","matchCriteriaId":"F5608371-157A-4318-8A2E-4104C3467EA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*","matchCriteriaId":"2226A776-DF8C-49E0-A030-0A7853BB018A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc5:*:*:*:*:*:*","matchCriteriaId":"6F15C659-DF06-455A-9765-0E6DE920F29A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.5:rc6:*:*:*:*:*:*","matchCriteriaId":"5B1C14ED-ABC4-41D3-8D9C-D38C6A65B4DE"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","matchCriteriaId":"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:2394","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:2950","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2024:3138","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2023-39194","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2226788","source":"secalert@redhat.com","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/","source":"secalert@redhat.com","tags":["Patch","Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2024:2394","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:2950","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2024:3138","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/security/cve/CVE-2023-39194","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2226788","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","VDB Entry"]}]}}]}