uthrasri / Linux_kernel_4.19.72

0 stars 0 forks source link

CVE-2023-3269 (High) detected in linuxlinux-4.19.72, linuxlinux-4.19.72 #41

Open mend-bolt-for-github[bot] opened 11 months ago

mend-bolt-for-github[bot] commented 11 months ago

CVE-2023-3269 - High Severity Vulnerability

Vulnerable Libraries - linuxlinux-4.19.72, linuxlinux-4.19.72

Vulnerability Details

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges.

Publish Date: 2023-07-11

URL: CVE-2023-3269

CVSS 3 Score Details (7.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Local - Attack Complexity: High - Privileges Required: Low - User Interaction: None - Scope: Changed - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.linuxkernelcves.com/cves/CVE-2023-3269

Release Date: 2023-07-11

Fix Resolution: v6.1.37,v6.3.11,v6.5-rc1


Step up your Open Source Security Game with Mend here