{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-6679","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","state":"PUBLISHED","assignerShortName":"redhat","dateReserved":"2023-12-11T11:46:56.654Z","datePublished":"2023-12-11T18:31:28.840Z","dateUpdated":"2025-11-21T06:23:16.249Z"},"containers":{"cna":{"title":"Kernel: null pointer dereference in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c","metrics":[{"other":{"content":{"value":"Low","namespace":"https://access.redhat.com/security/updates/classification/"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS"}],"descriptions":[{"lang":"en","value":"A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the  Linux kernel. This issue could be exploited to trigger a denial of service."}],"affected":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","defaultStatus":"affected","versions":[{"version":"0:5.14.0-362.18.1.el9_3","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:9::realtime","cpe:/o:redhat:enterprise_linux:9::baseos","cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb","cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","defaultStatus":"affected","versions":[{"version":"0:5.14.0-362.18.1.el9_3","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:enterprise_linux:9::realtime","cpe:/o:redhat:enterprise_linux:9::baseos","cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb","cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","defaultStatus":"affected","versions":[{"version":"0:5.14.0-284.48.1.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.2::appstream","cpe:/a:redhat:rhel_eus:9.2::crb","cpe:/o:redhat:rhel_eus:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Extended Update Support","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel-rt","defaultStatus":"affected","versions":[{"version":"0:5.14.0-284.48.1.rt14.333.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}],"cpes":["cpe:/a:redhat:rhel_eus:9.2::nfv","cpe:/a:redhat:rhel_eus:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel-rt","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel-rt","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"kernel-rt","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:0439","name":"RHSA-2024:0439","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0448","name":"RHSA-2024:0448","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0461","name":"RHSA-2024:0461","tags":["vendor-advisory","x_refsource_REDHAT"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-6679","tags":["vdb-entry","x_refsource_REDHAT"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253986","name":"RHBZ#2253986","tags":["issue-tracking","x_refsource_REDHAT"]},{"url":"https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/"}],"datePublic":"2023-12-11T11:48:00.000Z","problemTypes":[{"descriptions":[{"cweId":"CWE-476","description":"NULL Pointer Dereference","lang":"en","type":"CWE"}]}],"x_redhatCweChain":"CWE-476: NULL Pointer Dereference","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"timeline":[{"lang":"en","time":"2023-12-11T00:00:00.000Z","value":"Reported to Red Hat."},{"lang":"en","time":"2023-12-11T11:48:00.000Z","value":"Made public."}],"credits":[{"lang":"en","value":"Red Hat would like to thank Xingyuan Mo ((IceSword Lab)) for reporting this issue."}],"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2025-11-21T06:23:16.249Z"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T08:35:14.964Z"},"title":"CVE Program Container","references":[{"url":"https://access.redhat.com/errata/RHSA-2024:0439","name":"RHSA-2024:0439","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0448","name":"RHSA-2024:0448","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"]},{"url":"https://access.redhat.com/errata/RHSA-2024:0461","name":"RHSA-2024:0461","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-6679","tags":["vdb-entry","x_refsource_REDHAT","x_transferred"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253986","name":"RHBZ#2253986","tags":["issue-tracking","x_refsource_REDHAT","x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/","tags":["x_transferred"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LBVHM4LGMFIHBN4UBESYRFMYX3WUICV5/","tags":["x_transferred"]},{"url":"https://lore.kernel.org/netdev/20231211083758.1082853-1-jiri@resnulli.us/","tags":["x_transferred"]}]}]}}