Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-1079

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 12 Ρ„Π΅Π². 2023
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: redhat
CVSS3: 6.8
EPSS Низкий

ОписаниС

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.

A use-after-free flaw was found in asus_kbd_backlight_set in drivers/hid/hid-asus.c in the Linux Kernel. This issue could allow an attacker to crash the system when plugging in or disconnecting a malicious USB device, which may lead to a kernel information leak problem.

ΠœΠ΅Ρ€Ρ‹ ΠΏΠΎ ΡΠΌΡΠ³Ρ‡Π΅Π½ΠΈΡŽ послСдствий

This flaw can be mitigated by preventing the affected ASUS HID driver (for notebook built-in keyboard) module from loading during the boot time, ensure the module is added into the blacklist file.

Refer: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278

Π—Π°Ρ‚Ρ€ΠΎΠ½ΡƒΡ‚Ρ‹Π΅ ΠΏΠ°ΠΊΠ΅Ρ‚Ρ‹

ΠŸΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΠ°ΠŸΠ°ΠΊΠ΅Ρ‚Π‘ΠΎΡΡ‚ΠΎΡΠ½ΠΈΠ΅Π Π΅ΠΊΠΎΠΌΠ΅Π½Π΄Π°Ρ†ΠΈΡΠ Π΅Π»ΠΈΠ·
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 9kernel-rtAffected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2023:690114.11.2023
Red Hat Enterprise Linux 8kernelFixedRHSA-2023:707714.11.2023
Red Hat Enterprise Linux 8.6 Extended Update SupportkernelFixedRHSA-2024:041225.01.2024
Red Hat Enterprise Linux 8.8 Extended Update SupportkernelFixedRHSA-2024:057530.01.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:658307.11.2023
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:658307.11.2023

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

Π”ΠΎΠΏΠΎΠ»Π½ΠΈΡ‚Π΅Π»ΡŒΠ½Π°Ρ информация

Бтатус:

Moderate
Π”Π΅Ρ„Π΅ΠΊΡ‚:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2173444kernel: hid: Use After Free in asus_remove()

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 5%
0.00019
Низкий

6.8 Medium

CVSS3

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-1079

CVSS3: 6.8
ubuntu
ΠΏΠΎΡ‡Ρ‚ΠΈ 3 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-1079

CVSS3: 6.8
nvd
ΠΏΠΎΡ‡Ρ‚ΠΈ 3 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.

msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-1079

CVSS3: 6.8
msrc
ΠΏΠΎΡ‡Ρ‚ΠΈ 3 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012 but in asus devices the work_struct may be scheduled by the LED controller while the device is disconnecting triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2023-1079

CVSS3: 6.8
debian
ΠΏΠΎΡ‡Ρ‚ΠΈ 3 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Linux kernel. A use-after-free may be triggere ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-2679-jq7r-8cph

CVSS3: 6.8
github
ΠΏΠΎΡ‡Ρ‚ΠΈ 3 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 5%
0.00019
Низкий

6.8 Medium

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2023-1079