Open mend-bolt-for-github[bot] opened 1 year ago
Yocto Linux Embedded kernel
Library home page: https://git.yoctoproject.org/git/linux-yocto
Found in base branch: master
/drivers/net/wireless/rndis_wlan.c /drivers/net/wireless/rndis_wlan.c
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
Publish Date: 2023-01-13
URL: CVE-2023-23559
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
Type: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2023-23559
Release Date: 2023-01-13
Fix Resolution: v4.14.305,v4.19.272,v5.4.231,v5.10.166,v5.15.91,v6.1.9,v6.2-rc5
Step up your Open Source Security Game with Mend here
CVE-2023-23559 - High Severity Vulnerability
Yocto Linux Embedded kernel
Library home page: https://git.yoctoproject.org/git/linux-yocto
Found in base branch: master
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
Publish Date: 2023-01-13
URL: CVE-2023-23559
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://www.linuxkernelcves.com/cves/CVE-2023-23559
Release Date: 2023-01-13
Fix Resolution: v4.14.305,v4.19.272,v5.4.231,v5.10.166,v5.15.91,v6.1.9,v6.2-rc5
Step up your Open Source Security Game with Mend here