CVE-2023-2593

MEDIUM

Linux Kernel - DoS

Title source: llm

Description

A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system.

References (3)

[Mailing List] https://lore.kernel.org/lkml/CAH2r5msyEy20e=FBx6wPWWc3kXzNR4b+zHshSqidRdFKVf_7Jg@mail.gmail.com/

[Vendor Advisory] https://access.redhat.com/security/cve/CVE-2023-2593

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=2384787

Scores

CVSS v3 5.9

EPSS 0.0002

EPSS Percentile 3.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-835

Status published

Products (5)

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8

Red Hat/Red Hat Enterprise Linux 9

Published Jul 30, 2025

Tracked Since Feb 18, 2026