Open witchcraze opened 1 week ago
- CVE-2023-45898
- Suggested Configuration
- OR
*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 6.5 up to (excluding) 6.5.4
- Reference
- https://ubuntu.com/security/CVE-2023-45898
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.263
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.203
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.141
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.65
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.5.4
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.6
- Introduce
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.4.263
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.10.203
- https://www.kernel.org/pub//linux/kernel/v5.x/ChangeLog-5.15.141
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.1.65
- https://www.kernel.org/pub//linux/kernel/v6.x/ChangeLog-6.5
- Reference (Commit)
- ext4: fix slab-use-after-free in ext4_es_insert_extent()
- Fixed by
- 5.4.263 (70edeedd795a634fdd99e757c7931b9e81686560)
- 5.10.203 (10341e77e49fab3e095ae548ceb39335741b8fe9)
- 5.15.141 (e33eb4997585f2e17513e3f2923080dc08cbb00b)
- 6.1.65 (8384d8c5cc398cf59ab829d71d750752002f0a21)
- 6.5.4 (c15bf3330a9e3c01b23e59899a6a02432a62ddc3)
- 6.6 (768d612f79822d30a1e7d132a4d4b05337ce42ec) (upstream)
- Will be introduced by
- 5.4.263 (15a84cf4c785)
- 5.10.203 (5527898c6a9f)
- 5.15.141 (859893f61906)
- 6.1.65 (9164978bce49)
- 6.5 (2a69c450083d)
- I Checked
- From ubuntu page
- Introduced by 2a69c450083db164596c75c0f5b4d9c4c0e18eba Fixed by 768d612f79822d30a1e7d132a4d4b05337ce42ec
- 768d612f79822d30a1e7d132a4d4b05337ce42ec is written as upstream commit in each ChangeLog
- 2a69c450083db164596c75c0f5b4d9c4c0e18eba is written in ChangeLog-6.5
- 2a69c450083db164596c75c0f5b4d9c4c0e18eba is written as upstream commit in each ChangeLog (introduce)
[CVE Configuration Update Request] Update Suggestion - CVE-2023-45898 - Cvss3 : 7.8
https://www.linuxkernelcves.com/cves/CVE-2023-45898 https://gitlab.com/cip-project/cip-kernel/cip-kernel-sec/-/blob/master/issues/CVE-2023-45898.yml https://github.com/witchcraze/NVD_CHECK/blob/main/kernel/CVE-2023-45898.json