CVE-2023-3107

A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://security.FreeBSD.org/advisories/FreeBSD-SA-23:06.ipv6.asc	Mitigation Vendor Advisory
https://security.netapp.com/advisory/ntap-20230804-0001/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:freebsd:freebsd:12.4:-::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p1::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p2::::::
	cpe:2.3:o:freebsd:freebsd:12.4:p3::::::
	cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1::::::
	cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2::::::
	cpe:2.3:o:freebsd:freebsd:13.1:-::::::
	cpe:2.3:o:freebsd:freebsd:13.1:b1-p1::::::
	cpe:2.3:o:freebsd:freebsd:13.1:b2-p2::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p1::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p2::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p3::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p4::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p5::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p6::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p7::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p8::::::
	cpe:2.3:o:freebsd:freebsd:13.1:rc1-p1::::::
	cpe:2.3:o:freebsd:freebsd:13.2:-::::::
	cpe:2.3:o:freebsd:freebsd:13.2:p1::::::

Configuration 2 (hide)

cpe:2.3:a:netapp:clustered_data_ontap:9.0:-:*:*:*:*:*:*

History

No history.

Information

Published : 2023-08-01 23:15

Updated : 2023-08-07 15:24

NVD link : CVE-2023-3107

Mitre link : CVE-2023-3107

CVE.ORG link : CVE-2023-3107

JSON object : View

Products Affected

netapp

clustered_data_ontap

freebsd

freebsd

CWE

CWE-190

Integer Overflow or Wraparound

{"id": "CVE-2023-3107", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-08-01T23:15:30.580", "references": [{"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:06.ipv6.asc", "tags": ["Mitigation", "Vendor Advisory"], "source": "secteam@freebsd.org"}, {"url": "https://security.netapp.com/advisory/ntap-20230804-0001/", "tags": ["Third Party Advisory"], "source": "secteam@freebsd.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}, {"type": "Secondary", "source": "secteam@freebsd.org", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "A set of carefully crafted ipv6 packets can trigger an integer overflow in the calculation of a fragment reassembled packet's payload length field. This allows an attacker to trigger a kernel panic, resulting in a denial of service.\n"}, {"lang": "es", "value": "Un conjunto de paquetes ipv6 cuidadosamente dise\u00f1ados puede desencadenar un desbordamiento de enteros en el c\u00e1lculo del campo de longitud de la carga \u00fatil de un paquete reensamblado por fragmentos. Esto permite a un atacante desencadenar un kernel panic, resultando en una denegaci\u00f3n de servicio."}], "lastModified": "2023-08-07T15:24:41.907", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24920B4D-96C0-401F-B679-BEB086760EAF"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CE32730-A9F5-4E8D-BDA4-6B8232F84787"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "552E81DE-D409-475F-8ED0-E10A0BE43D29"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "251CAE22-C3E6-45AD-8301-F36BEE5C6860"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA821886-B26B-47A6-ABC9-B8F70CE0ACFB"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "220629AD-32CC-4303-86AE-1DD27F0E4C65"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEEE6D52-27E4-438D-AE8D-7141320B5973"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b1-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66364EA4-83B1-4597-8C18-D5633B361A9C"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b2-p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF9292DD-EFB1-4B50-A941-7485D901489F"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFB18F55-4F5C-4166-9A7E-6F6617179A90"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66E1C269-841F-489A-9A0A-5D145B417E0A"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECF1B567-F764-45F5-A793-BEA93720F952"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAFE3F33-2C57-4B52-B658-82572607BD8C"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C925DF75-2785-44BD-91CA-66D29C296689"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCE2DAEC-81A5-49E9-B7E7-4F143FA6B3F7"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7725D503-1437-4F90-B30C-007193D5F0E1"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49CDE3D8-2924-42B9-8778-C5A517F5451E"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:rc1-p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B536EE52-ED49-4A85-BC9D-A27828D5A961"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A87EFA20-DD6B-41C5-98FD-A29F67D2E732"}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.2:p1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2888B0C1-4D85-42EC-9696-03FAD0A9C28F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52DE3DFE-350F-4E83-B425-1D7D47BEF6DA"}], "operator": "OR"}]}], "sourceIdentifier": "secteam@freebsd.org"}