CVE-2023-35829

Опубликовано: 18 июн. 2023

Источник: nvd

CVSS3: 7

EPSS Низкий

Описание

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

Ссылки

https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3228cec23b8b29215e18090c6ba635840190993d
Patch
Vendor Advisory
https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a%40xs4all.nl/
Third Party Advisory
https://lore.kernel.org/lkml/20230307173900.1299387-1-zyytlz.wz%40163.com/T/
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230803-0002/
Third Party Advisory
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
Release Notes
Vendor Advisory
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3228cec23b8b29215e18090c6ba635840190993d
Patch
Vendor Advisory
https://lore.kernel.org/all/a4dafa22-3ee3-dbe1-fd50-fee07883ce1a%40xs4all.nl/
Third Party Advisory
https://lore.kernel.org/lkml/20230307173900.1299387-1-zyytlz.wz%40163.com/T/
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230803-0002/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.8 (включая) до 5.10.180 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.11 (включая) до 5.15.111 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 5.16 (включая) до 6.1.28 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.2 (включая) до 6.2.15 (исключая)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Версия от 6.3 (включая) до 6.3.2 (исключая)

Конфигурация 2

Одно из

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

EPSS

Процентиль: 13%

0.00043

Низкий

7 High

CVSS3

Дефекты

CWE-362

Связанные уязвимости

CVE-2023-35829

CVSS3: 7

ubuntu

больше 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

CVE-2023-35829

CVSS3: 6.4

redhat

больше 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

CVE-2023-35829

CVSS3: 7

msrc

больше 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

CVE-2023-35829

CVSS3: 7

debian

больше 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after- ...

GHSA-rj3q-88g5-jm9h

CVSS3: 7

github

больше 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.

EPSS

Процентиль: 13%

0.00043

Низкий

7 High

CVSS3

Дефекты

CWE-362