Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2023-21400

Опубликовано: 13 июл. 2023
Источник: debian
EPSS Низкий

Описание

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
linuxfixed5.18.2-1package
linuxnot-affectedbusterpackage

Примечания

  • https://source.android.com/security/bulletin/pixel/2023-07-01

  • https://yanglingxi1993.github.io/dirty_pagetable/dirty_pagetable.html

  • https://www.openwall.com/lists/oss-security/2023/07/14/2

  • https://www.openwall.com/lists/oss-security/2023/07/25/9

  • https://twitter.com/VAR10CK/status/1683303642173153280

EPSS

Процентиль: 12%
0.00039
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2023-21400

CVSS3: 6.7
ubuntu
больше 2 лет назад

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

redhat логотип

CVE-2023-21400

CVSS3: 7
redhat
больше 2 лет назад

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

nvd логотип

CVE-2023-21400

CVSS3: 6.7
nvd
больше 2 лет назад

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

github логотип

GHSA-xjm8-9w9g-9h2f

CVSS3: 6.7
github
больше 2 лет назад

In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.

fstec логотип

BDU:2023-04649

CVSS3: 6.7
fstec
больше 3 лет назад

Уязвимость функции io_commit_cqring() в модуле io_uring/io_uring.c подсистемы io_uring ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации или повысить свои привилегии

EPSS

Процентиль: 12%
0.00039
Низкий