exploitDog

CVE-2023-35693

Опубликовано: 13 июл. 2023

Источник: nvd

CVSS3: 6.7

EPSS Низкий

Описание

In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Ссылки

https://android.googlesource.com/kernel/common/+/8ff940b3513cb
Patch
https://source.android.com/security/bulletin/pixel/2023-07-01
Patch
Vendor Advisory
https://android.googlesource.com/kernel/common/+/8ff940b3513cb
Patch
https://source.android.com/security/bulletin/pixel/2023-07-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00014

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-416

Связанные уязвимости

CVE-2023-35693

CVSS3: 6.7

debian

больше 2 лет назад

In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corrupt ...

GHSA-4f25-fpfx-v6v9

CVSS3: 6.7

github

больше 2 лет назад

In incfs_kill_sb of fs/incfs/vfs.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

EPSS

Процентиль: 2%

0.00014

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-416