Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-1195

Опубликовано: 02 окт. 2022
Источник: redhat
CVSS3: 5.5
EPSS Низкий

Описание

A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelNot affected
Red Hat Enterprise Linux 7kernelNot affected
Red Hat Enterprise Linux 7kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2023:273616.05.2023
Red Hat Enterprise Linux 8kernelFixedRHSA-2023:295116.05.2023
Red Hat Enterprise Linux 8.6 Extended Update SupportkernelFixedRHSA-2024:041225.01.2024
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023
Red Hat Enterprise Linux 9kernel-rtFixedRHSA-2023:214809.05.2023
Red Hat Enterprise Linux 9kernelFixedRHSA-2023:245809.05.2023
Red Hat Enterprise Linux 9.0 Extended Update SupportkernelFixedRHSA-2024:043225.01.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2154171kernel: use-after-free caused by invalid pointer hostname in fs/cifs/connect.c

EPSS

Процентиль: 3%
0.00017
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-1195

CVSS3: 5.5
ubuntu
около 2 лет назад

A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

nvd логотип

CVE-2023-1195

CVSS3: 5.5
nvd
около 2 лет назад

A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

msrc логотип

CVE-2023-1195

CVSS3: 5.5
msrc
около 2 лет назад

Описание отсутствует

debian логотип

CVE-2023-1195

CVSS3: 5.5
debian
около 2 лет назад

A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in ...

github логотип

GHSA-rg37-q82v-wrqv

CVSS3: 5.5
github
около 2 лет назад

A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

EPSS

Процентиль: 3%
0.00017
Низкий

5.5 Medium

CVSS3

Уязвимость CVE-2023-1195