CVE-2023-7008 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.9 MEDIUM	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 65%

Debian Releases

Debian Product

Codename

systemd

bookworm	252.31-1~deb12u1 fixed
bullseye	vulnerable
bullseye (security)	247.3-7+deb11u6 fixed
buster	no-dsa
sid	257.1-5 fixed
trixie	257.1-4 fixed

Ubuntu Releases

Ubuntu Product

Codename

systemd

bionic	needs-triage
focal	needed
jammy	needed
lunar	ignored
mantic	ignored
noble	Fixed 255.2-3ubuntu1 released
oracular	Fixed 255.2-3ubuntu1 released
trusty	ignored
xenial	needs-triage

openSUSE / SLES Releases

openSUSE Product

Release

libsystemd0

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

libsystemd0-32bit

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

libudev1

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

libudev1-32bit

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-32bit

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-container

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-coredump

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-devel

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-doc

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-lang

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-sysvcompat

suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

systemd-sysvinit

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed

udev

suse enterprise desktop 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise desktop 15 SP6	254.10-150600.2.3 fixed
suse enterprise desktop 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise sap 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise sap 15 SP6	254.10-150600.2.3 fixed
suse enterprise sap 15 SP7	254.24-150600.4.28.1 fixed
suse enterprise server 15 SP4	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP5	249.17-150400.8.43.1 fixed
suse enterprise server 15 SP6	254.10-150600.2.3 fixed
suse enterprise server 15 SP7	254.24-150600.4.28.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

rhel-net-naming-sysattrs

RHEL 9

0:252-32.el9_4

fixed

systemd

RHEL 8	0:239-82.el8 fixed
RHEL 9	0:252-32.el9_4 fixed

systemd-boot-unsigned

RHEL 9

0:252-32.el9_4

fixed

systemd-container

RHEL 8	0:239-82.el8 fixed
RHEL 9	0:252-32.el9_4 fixed

systemd-devel

RHEL 8	0:239-82.el8 fixed
RHEL 9	0:252-32.el9_4 fixed

systemd-journal-remote

RHEL 8	0:239-82.el8 fixed
RHEL 9	0:252-32.el9_4 fixed

systemd-libs

RHEL 8	0:239-82.el8 fixed
RHEL 9	0:252-32.el9_4 fixed

systemd-oomd

RHEL 9

0:252-32.el9_4

fixed

systemd-pam

RHEL 8	0:239-82.el8 fixed
RHEL 9	0:252-32.el9_4 fixed

systemd-resolved

RHEL 9

0:252-32.el9_4

fixed

systemd-rpm-macros

RHEL 9

0:252-32.el9_4

fixed

systemd-tests

RHEL 8

0:239-82.el8

fixed

systemd-udev

RHEL 8	0:239-82.el8 fixed
RHEL 9	0:252-32.el9_4 fixed

Common Weakness Enumeration

CWE-300 - Channel Accessible by Non-Endpoint
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

References

https://access.redhat.com/errata/RHSA-2024:2463

https://access.redhat.com/errata/RHSA-2024:3203

https://access.redhat.com/security/cve/CVE-2023-7008

https://bugzilla.redhat.com/show_bug.cgi?id=2222261

https://bugzilla.redhat.com/show_bug.cgi?id=2222672

https://github.com/systemd/systemd/issues/25676

https://access.redhat.com/errata/RHSA-2024:2463

https://access.redhat.com/errata/RHSA-2024:3203

https://access.redhat.com/security/cve/CVE-2023-7008

https://bugzilla.redhat.com/show_bug.cgi?id=2222261

https://bugzilla.redhat.com/show_bug.cgi?id=2222672

https://github.com/systemd/systemd/issues/25676

https://lists.debian.org/debian-lts-announce/2024/09/msg00001.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/

https://security.netapp.com/advisory/ntap-20241122-0004/