CVE-2023-2019

2023-04-2421:15:09

CWE-911

[email protected]

web.nvd.nist.gov

linux

kernel

netdevsim

driver

flaw

reference count

denial of service

cve-2023-2019

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

4.2 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.2%

JSON

A flaw was found in the Linux kernel’s netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system.

Affected configurations

Vulners

NVD

Node

linuxlinuxRange≤6.0

VendorProductVersionCPE
linuxlinux*cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux	*	cpe:2.3:o:linux:linux::::::::

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Linux kernel's netdevsim device driver",
    "versions": [
      {
        "version": "Fixed in kernel v6.0-rc1",
        "status": "affected"
      }
    ]
  }
]