witchcraze
commented
5 days ago - CVE-2023-3777
- Suggested Configuration
- OR
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.9 up to (excluding) 5.10.188
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.123
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.42
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.4.7
- Reference
- https://ubuntu.com/security/CVE-2023-3777
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.188
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.123
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.42
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.4.7
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.5
- Introduce
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.9
- Reference (Commit)
- netfilter: nf_tables: skip bound chain on rule flush
- Fixed by
- 5.10.188 (30e5460d69e631c0e84db37dba2d8f98648778d4)
- 5.15.123 (10013f764ad2957de08968bd02870b6b7683e3f6)
- 6.1.42 (e18922ce3e3169eb97838d1dcba2d679bcca446c)
- 6.4.7 (ab87c6b43822a56ae0aadc715364b5f8d4a96037)
- 6.5 (6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8) (upstream)
- Will be introduced by
- 5.9 (d0e2c7de92c7)
- I Checked
- From ubuntu page
- Introduced by d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 Fixed by 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8
- 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8 is written as upstream commit in each ChangeLog
- d0e2c7de92c7f2b3d355ad76b0bb9fc43d1beb87 is written in ChangeLog-5.9
[CVE Configuration Update Request] Update Suggestion - CVE-2023-3777 - Cvss3 : 7.8
https://www.linuxkernelcves.com/cves/CVE-2023-3777 https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2023-3777.yml https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2023-3777.json
lts~lts~lts~esm~esm~