China National Vulnerability DatabaseCNVD-2023-48542Linux kernel resource management error vulnerability (CNVD-2023-48542)
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1.4 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:M/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.7%
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A resource management error vulnerability exists in Linux kernel version 6.3, which arises from a confusion in the program’s instructions responsible for freeing memory. An attacker could exploit this vulnerability to cause a program crash, arbitrary code execution, and more.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux linux kernel | eq | 6.3 |
Related
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1.4 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
MULTIPLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:M/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
5.7%