{"id":"CVE-2023-6536","details":"A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.","modified":"2026-03-13T07:48:41.928422Z","published":"2024-02-07T21:15:08.733Z","related":["ALSA-2024:0897","SUSE-SU-2024:0463-1","SUSE-SU-2024:0469-1","SUSE-SU-2024:0474-1","SUSE-SU-2024:0476-1","SUSE-SU-2024:0478-1","SUSE-SU-2024:0484-1","SUSE-SU-2024:0514-1","SUSE-SU-2024:0515-1","SUSE-SU-2024:0516-1","SUSE-SU-2024:0975-1","SUSE-SU-2024:1321-1","SUSE-SU-2024:1454-1","SUSE-SU-2024:1466-1","SUSE-SU-2024:1480-1","SUSE-SU-2024:1489-1","SUSE-SU-2024:1490-1","SUSE-SU-2024:1643-1","SUSE-SU-2024:1646-1","SUSE-SU-2024:1870-1","USN-6818-2","USN-6819-2","openSUSE-SU-2024:13660-1","openSUSE-SU-2025:14705-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFYW6R64GPLUOXSQBJI3JBUX3HGLAYPP/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:0897"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:1248"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:2094"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:3810"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2023-6536"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240415-0001/"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:0723"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:0725"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:0881"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:0724"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254052"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6536.json","unresolved_ranges":[{"events":[{"introduced":"5.0"},{"fixed":"5.4.268"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.209"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.15.148"}]},{"events":[{"introduced":"5.16"},{"fixed":"6.1.75"}]},{"events":[{"introduced":"6.2"},{"fixed":"6.6.14"}]},{"events":[{"introduced":"6.7"},{"fixed":"6.7.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6_ppc64le"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2_ppc64le"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6_aarch64"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2_aarch64"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2_s390x"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6_aarch64"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2_aarch64"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6_s390x"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2_s390x"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6_ppc64le"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2_ppc64le"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6_ppc64le"}]},{"events":[{"introduced":"0"},{"last_affected":"9.2_ppc64le"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6"}]},{"events":[{"introduced":"0"},{"last_affected":"4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}