Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2024-06235
HistoryJan 12, 2024 - 12:00 a.m.

Linux kernel code issue vulnerability (CNVD-2024-06235)

2024-01-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
23
linux
open source
operating system
code issue
vulnerability
memory initialization
exploitation
locally privileged attacker
kernel memory

AI Score

6.3

Confidence

High

EPSS

0

Percentile

5.1%

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A code issue vulnerability exists in the Linux kernel that stems from vhost_new_msg in drivers/vhost/vhost.c failing to properly initialize memory in messages passed between a virtual client and the host operating system, which could be exploited by a locally-privileged attacker to read the contents of certain kernel memory.