Open witchcraze opened 1 week ago
- CVE-2023-3776
- Suggested Configuration
- OR
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 2.6.12 up to (excluding) 4.14.322
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.15 up to (excluding) 4.19.291
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 up to (excluding) 5.4.251
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.188
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.121
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.1.40
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.2 up to (excluding) 6.4.5
- Reference
- https://ubuntu.com/security/CVE-2023-3776
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.14.322
- https://www.kernel.org/pub//linux/kernel/v4.x/ChangeLog-4.19.291
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.251
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.188
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.121
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.40
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.4.5
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.5
- Reference (Commit)
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free
- Fixed by
- 4.14.322 (fa020e39526994c7248f241f75d615b0df5d7671)
- 4.19.291 (612f468cfc3df83777ae21058419b1fc8e9037eb)
- 5.4.251 (808211a8d427404331e39e3b8c94ab5242eef8f5)
- 5.10.188 (80e0e8d5f54397c5048fa2274144134dd9dc91b5)
- 5.15.121 (5b55f2d6ef403fcda93ae4eb4d8c1ba164c66e92)
- 6.1.40 (c91fb29bb07ee4dd40aabd1e41f19c0f92ac3199)
- 6.4.5 (0a2e3f49febda459252f58cec2d659623d582800)
- 6.5 (0323bce598eea038714f941ce2b22541c46d488f) (upstream)
- Will be introduced by
- 2.6.12 (1da177e4c3f4)
- I Checked
- From ubuntu page
- Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Fixed by 0323bce598eea038714f941ce2b22541c46d488f
- 0323bce598eea038714f941ce2b22541c46d488f is written as upstream commit in each ChangeLog
[CVE Configuration Update Request] Update Suggestion - CVE-2023-3776 - Cvss3 : 7.8
https://www.linuxkernelcves.com/cves/CVE-2023-3776 https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2023-3776.yml https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2023-3776.json