CVE-2023-0590

Опубликовано: 18 окт. 2022

Источник: redhat

CVSS3: 7

Описание

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel-rt	Out of support scope
Red Hat Enterprise Linux 8	kernel-rt	Fixed	RHSA-2023:6901	14.11.2023
Red Hat Enterprise Linux 8	kernel	Fixed	RHSA-2023:7077	14.11.2023
Red Hat Enterprise Linux 8.6 Extended Update Support	kernel	Fixed	RHSA-2023:5627	10.10.2023
Red Hat Enterprise Linux 9	kernel	Fixed	RHSA-2023:2458	09.05.2023
Red Hat Enterprise Linux 9	kernel-rt	Fixed	RHSA-2023:2148	09.05.2023
Red Hat Enterprise Linux 9	kernel	Fixed	RHSA-2023:2458	09.05.2023
Red Hat Enterprise Linux 9.0 Extended Update Support	kernel	Fixed	RHSA-2023:7382	21.11.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2165741kernel: use-after-free due to race condition in qdisc_graft()

7 High

CVSS3

Связанные уязвимости

CVE-2023-0590

CVSS3: 4.7

ubuntu

почти 3 года назад

CVE-2023-0590

CVSS3: 4.7

nvd

почти 3 года назад

CVE-2023-0590

CVSS3: 4.7

msrc

почти 3 года назад

Описание отсутствует

CVE-2023-0590

CVSS3: 4.7

debian

почти 3 года назад

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c ...

GHSA-rr33-cw2h-vrch

CVSS3: 4.7

github

почти 3 года назад

7 High

CVSS3