Cyber Resilience

CVE-2023-5178

High

Published: 01 November 2023

Modified: 24 March 2026
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0810 (92.3rd percentile)
Risk Priority: 22 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-5178 is a high-severity Use After Free (CWE-416) vulnerability in the Linux kernel. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked in the top 7.7% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

Deeper analysis

A use-after-free vulnerability exists in the NVMe/TCP subsystem of the Linux kernel, specifically in the nvmet_tcp_free_crypto function within drivers/nvme/target/tcp.c. The flaw stems from a logical bug that can trigger both use-after-free and double-free conditions in memory handling for NVMe over TCP targets.

An attacker with network access and limited privileges can exploit the issue to achieve remote code execution or local privilege escalation on affected systems. The vulnerability carries a CVSS 3.1 score of 8.8, reflecting its network-accessible attack vector, low complexity, and high impact on confidentiality, integrity, and availability.

Multiple Red Hat Security Advisories (RHSA-2023:7370, RHSA-2023:7379, RHSA-2023:7418, RHSA-2023:7548, and RHSA-2023:7549) address the flaw through kernel updates that resolve the memory-management error in the NVMe/TCP target code.

The associated EPSS score has remained in the 0.08–0.09 range with no pronounced increase after disclosure.

Vulnerability details

A use-after-free vulnerability was found in `drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

T1210 Exploitation of Remote Services (tactic: Lateral Movement)
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

The use-after-free vulnerability in the Linux kernel's NVMe/TCP subsystem enables exploitation for privilege escalation (T1068) and exploitation of remote services (T1210) due to potential remote code execution or local privilege escalation triggered via the network-exposed NVMe target service.

Affected Assets

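Vendor: linux; product: linux kernel; versions: 5.0 — 5.4.260 · 5.5 — 5.10.199 · 5.11 — 5.15.137
Vendor: redhat; product: enterprise linux; versions: 8.0, 9.0
Vendor: netapp; product: active iq unified manager; versions: all versions
Vendor: netapp; product: solidfire & hci management node; versions: all versions
Vendor: netapp; product: solidfire & hci storage node; versions: all versions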

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-416

Use-after-free exploits that achieve arbitrary code execution are blocked or made significantly harder by non-executable pages and ASLR.
