CVE-2023-6121 Information

Description

An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This flaw allows a remote attacker to send a crafted TCP packet triggering a heap-based buffer overflow that results in kmalloc data to be printed (and potentially leaked) to the kernel ring buffer (dmesg).

Reference

https://access.redhat.com/security/cve/CVE-2023-6121 https://bugzilla.redhat.com/show_bug.cgi?id=2250043