Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2023-35824

Опубликовано: 19 июн. 2023
Источник: redhat
CVSS3: 6.4

Описание

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.

A race condition was found in the Linux kernel's dm1105 device driver when removing the module before cleanup in the dm1105_remove function. This can result in a use-after-free issue, possibly leading to a system crash or other undefined behaviors.

Отчет

Because this flaw only affects systems with specific hardware installed, and because exploitation requires an attacker to be able to manipulate the driver with precise timing, Red Hat assesses the impact of this vulnerability as Moderate.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected
Red Hat Enterprise Linux 8kernel-rtFixedRHSA-2023:690114.11.2023
Red Hat Enterprise Linux 8kernelFixedRHSA-2023:707714.11.2023
Red Hat Enterprise Linux 8.6 Extended Update SupportkernelFixedRHSA-2024:041225.01.2024
Red Hat Enterprise Linux 8.8 Extended Update SupportkernelFixedRHSA-2024:057530.01.2024
Red Hat Virtualization 4 for Red Hat Enterprise Linux 8kernelFixedRHSA-2024:041225.01.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-362->CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2215836kernel: dm1105: race condition leading to use-after-free in dm1105_remove.c()

6.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2023-35824

CVSS3: 7
ubuntu
около 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.

nvd логотип

CVE-2023-35824

CVSS3: 7
nvd
около 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.

msrc логотип

CVE-2023-35824

CVSS3: 7
msrc
почти 2 года назад

Описание отсутствует

debian логотип

CVE-2023-35824

CVSS3: 7
debian
около 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after- ...

github логотип

GHSA-vj9c-2crj-hp9g

CVSS3: 7
github
около 2 лет назад

An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.

6.4 Medium

CVSS3