Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2023-3355
HistoryJun 28, 2023 - 9:15 p.m.

CVE-2023-3355

2023-06-2821:15:10
CWE-476
redhat
web.nvd.nist.gov
106
linux
kernel
gpu
drm
msm
null pointer
dereference
flaw
nvd
cve-2023-3355

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON

A NULL pointer dereference flaw was found in the Linux kernel’s drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc(). This issue allows a local user to crash the system.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<6.1
OR
linuxlinux_kernelMatch6.1-
OR
linuxlinux_kernelMatch6.1rc1
OR
linuxlinux_kernelMatch6.1rc2
OR
linuxlinux_kernelMatch6.1rc3
OR
linuxlinux_kernelMatch6.1rc4
OR
linuxlinux_kernelMatch6.1rc5
OR
linuxlinux_kernelMatch6.1rc6
OR
linuxlinux_kernelMatch6.1rc7
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*
linuxlinux_kernel6.1cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "kernel",
    "vendor": "n/a",
    "versions": [
      {
        "version": "6.1-rc8",
        "status": "unaffected"
      }
    ]
  },
  {
    "product": "kernel",
    "vendor": "n/a",
    "defaultStatus": "affected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "kernel-rt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "product": "Fedora",
    "vendor": "Fedora",
    "collectionURL": "https://packages.fedoraproject.org/",
    "packageName": "kernel",
    "defaultStatus": "affected"
  }
]

Related

redhatcve 1
ubuntucve 1
cvelist 1
prion 1
debiancve 1
cbl_mariner 2
nvd 1
redos 1
redhatcve
redhatcve
CVE-2023-3355
2023-06-27 09:17:02
ubuntucve
ubuntucve
CVE-2023-3355
2023-06-28 00:00:00
cvelist
cvelist
CVE-2023-3355 Null pointer dereference in submit_lookup_cmds() in drivers/gpu/drm/msm/msm_gem_submit.c
2023-06-28 00:00:00
prion
prion
Null pointer dereference
2023-06-28 21:15:00
debiancve
debiancve
CVE-2023-3355
2023-06-28 21:15:10
cbl_mariner
cbl_mariner
CVE-2023-3355 affecting package kernel for versions less than 5.15.118.1-2
2023-08-10 16:37:57
CVE-2023-3355 affecting package kernel 5.10.183.1-1
2023-07-28 23:16:55
nvd
nvd
CVE-2023-3355
2023-06-28 21:15:10
redos
redos
ROS-20230904-01
2023-09-04 00:00:00

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.4

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2023-3355
redhatcve1ubuntucve1cvelist1prion1debiancve1cbl_mariner2nvd1redos1