{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T19:42:28.712","vulnerabilities":[{"cve":{"id":"CVE-2023-52746","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-05-21T16:15:14.377","lastModified":"2025-04-02T14:50:27.237","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()\n\n  int type = nla_type(nla);\n\n  if (type > XFRMA_MAX) {\n            return -EOPNOTSUPP;\n  }\n\n@type is then used as an array index and can be used\nas a Spectre v1 gadget.\n\n  if (nla_len(nla) < compat_policy[type].len) {\n\narray_index_nospec() can be used to prevent leaking\ncontent of kernel memory to malicious users."},{"lang":"es","value":" En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xfrm/compat: previene el posible gadget spectre v1 en xfrm_xlate32_attr() int type = nla_type(nla); if (tipo &gt; XFRMA_MAX) { return -EOPNOTSUPP; } @type luego se usa como índice de matriz y se puede usar como un gadget Spectre v1. if (nla_len(nla) &lt; compat_policy[type].len) { array_index_nospec() se puede utilizar para evitar la filtración de contenido de la memoria del kernel a usuarios malintencionados."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":2.5,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"5.10.168","matchCriteriaId":"1D20BB03-647C-4CEB-BA4E-031067BC2BCB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.94","matchCriteriaId":"55EC7465-CE9A-4B9C-B0FA-97394061A77F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.12","matchCriteriaId":"63F0738E-F1B2-47A2-9329-E2B8BC87708A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*","matchCriteriaId":"FF501633-2F44-4913-A8EE-B021929F49F6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*","matchCriteriaId":"2BDA597B-CAC1-4DF0-86F0-42E142C654E9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*","matchCriteriaId":"725C78C9-12CE-406F-ABE8-0813A01D66E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*","matchCriteriaId":"A127C155-689C-4F67-B146-44A57F4BFD85"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.2:rc5:*:*:*:*:*:*","matchCriteriaId":"D34127CC-68F5-4703-A5F6-5006F803E4AE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.2:rc6:*:*:*:*:*:*","matchCriteriaId":"4AB8D555-648E-4F2F-98BD-3E7F45BD12A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.2:rc7:*:*:*:*:*:*","matchCriteriaId":"C64BDD9D-C663-4E75-AE06-356EDC392B82"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}