Early Access — Mondoo Vulnerability Intelligence is currently in preview.
An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).
Exploitability
AV:NAC:LPR:LUI:NScope
S:UImpact
C:LI:NA:N4.3/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NMemory Safety