Lucene search

K
cvelistAnolisCVELIST:CVE-2024-23307
HistoryJan 25, 2024 - 6:59 a.m.

CVE-2024-23307 Integer overflow in raid5_cache_count in Linux kernel

2024-01-2506:59:37
CWE-190
Anolis
www.cve.org
cve-2024-23307
integer overflow
linux
x86
arm
md
raid5 modules

4.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.

CNA Affected

[
  {
    "collectionURL": "https://mirrors.openanolis.cn/anolis/",
    "defaultStatus": "unaffected",
    "modules": [
      "md",
      "raid",
      "raid5"
    ],
    "packageName": "kernel",
    "platforms": [
      "Linux",
      "x86",
      "ARM"
    ],
    "product": "Linux kernel",
    "programFiles": [
      "https://gitee.com/anolis/cloud-kernel/blob/devel-4.19/drivers/md/raid5.c"
    ],
    "repo": "https://gitee.com/anolis/cloud-kernel.git",
    "vendor": "Linux",
    "versions": [
      {
        "lessThan": "v6.8-rc1",
        "status": "affected",
        "version": "v4.1-rc1",
        "versionType": "custom"
      }
    ]
  }
]

4.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%