Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-0030

Опубликовано: 11 дек. 2018
Источник: redhat
CVSS3: 7
EPSS Низкий

Описание

A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Отчет

This issue is rated Moderate due to complexity, and a denial of service is only possible with the known attack scenario. The Red Hat Enterprise Linux not affected, because commit 9211092b378 "[drm] drm: Main backport to rebase from 4.18 to 5.1" applied already.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2157270kernel: Use after Free in nvkm_vmm_pfn_map

EPSS

Процентиль: 5%
0.00022
Низкий

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-0030

CVSS3: 7.8
ubuntu
почти 3 года назад

A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.

nvd логотип

CVE-2023-0030

CVSS3: 7.8
nvd
почти 3 года назад

A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.

debian логотип

CVE-2023-0030

CVSS3: 7.8
debian
почти 3 года назад

A use-after-free flaw was found in the Linux kernel\u2019s nouveau dri ...

github логотип

GHSA-jm67-cprv-v6wx

CVSS3: 7.8
github
больше 2 лет назад

A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.

fstec логотип

BDU:2023-00161

CVSS3: 4.1
fstec
около 3 лет назад

Уязвимость функции nvkm_vmm_pfn_map() драйвера GPU Nouveau ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или повысить свои привилегии

EPSS

Процентиль: 5%
0.00022
Низкий

7 High

CVSS3