artsking / linux-4.1.15_noPatch

Other
0 stars 0 forks source link

CVE-2023-3269 (High) detected in multiple libraries #838

Open mend-bolt-for-github[bot] opened 1 year ago

mend-bolt-for-github[bot] commented 1 year ago

CVE-2023-3269 - High Severity Vulnerability

Vulnerable Libraries - linux-stable-rtv4.1.33, linux-stable-rtv4.1.33, linux-stable-rtv4.1.33

Vulnerability Details

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.

Publish Date: 2023-07-11

URL: CVE-2023-3269

CVSS 3 Score Details (7.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.linuxkernelcves.com/cves/CVE-2023-3269

Release Date: 2023-07-11

Fix Resolution: v6.1.37,v6.3.11,v6.5-rc1


Step up your Open Source Security Game with Mend here