Описание
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| linux | fixed | 6.3.7-1 | package | |
| linux | not-affected | bullseye | package | |
| linux | not-affected | buster | package |
Примечания
https://source.android.com/docs/security/bulletin/2023-08-01
https://git.kernel.org/linus/09cce60bddd6461a93a5bf434265a47827d1bc6f
EPSS
Связанные уязвимости
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Уязвимость функции __check_page_state_visitor() в модуле arch/arm64/kvm/hyp/nvhe/mem_protect.c подсистемы виртуализации KVM ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
EPSS