{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T22:28:02.603","vulnerabilities":[{"cve":{"id":"CVE-2023-6040","sourceIdentifier":"security@ubuntu.com","published":"2024-01-12T02:15:44.683","lastModified":"2025-03-20T16:59:40.090","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access."},{"lang":"es","value":"Se informó y solucionó una vulnerabilidad de acceso fuera de los límites que involucraba a netfilter como: f1082dd31fe4 (netfilter: nf_tables: Rechazar tablas de familia no admitida); Al crear una nueva tabla netfilter, la falta de protección contra valores no válidos de la familia nf_tables (pf) dentro de la función `nf_tables_newtable` permite a un atacante lograr un acceso fuera de los límites."}],"metrics":{"cvssMetricV31":[{"source":"security@ubuntu.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@ubuntu.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16","versionEndExcluding":"4.19.305","matchCriteriaId":"9C2D75B7-AC4B-4188-A2EA-FF12AC16F4FD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.267","matchCriteriaId":"B2178B60-868D-465B-945E-4A61545B2736"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.208","matchCriteriaId":"9369B1D9-0165-406A-96D6-C63C6BF45897"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.147","matchCriteriaId":"15E5B535-2734-44C8-B241-0601F0605054"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"5.18","matchCriteriaId":"32BB3261-7C4B-420A-9581-F22C50662262"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html","source":"security@ubuntu.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.openwall.com/lists/oss-security/2024/01/12/1","source":"security@ubuntu.com","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040","source":"security@ubuntu.com","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html","source":"security@ubuntu.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","source":"security@ubuntu.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2024/01/12/1","source":"security@ubuntu.com","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/177029/Kernel-Live-Patch-Security-Notice-LSN-0100-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.openwall.com/lists/oss-security/2024/01/12/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2024/01/12/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}}]}