CVE-2023-0881

HIGH

Canonical Linux-bluefield < 5.4.0-1058.64 - Denial of Service

Title source: rule

Description

Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nft_lookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package.

References (1)

[Exploit, Issue Tracking] https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2006397

Scores

CVSS v3 7.5

EPSS 0.0040

EPSS Percentile 60.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-1333 CWE-20

Status published

Products (1)

canonical/linux-bluefield < 5.4.0-1058.64

Published Mar 31, 2025

Tracked Since Feb 18, 2026