Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-37454HistoryJul 06, 2023 - 5:15 p.m.
CVE-2023-37454
2023-07-0617:15:14
Debian Security Bug Tracker
security-tracker.debian.org
10
linux
udf filesystem
use-after-free
vulnerability
suse.com
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.8%
An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. NOTE: the suse.com reference has a different perspective about this.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | <= 6.1.106-3 | linux_6.1.106-3_all.deb |
| Debian | 11 | all | linux | <= 5.10.223-1 | linux_5.10.223-1_all.deb |
| Debian | 999 | all | linux | <= 6.10.11-1 | linux_6.10.11-1_all.deb |
| Debian | 13 | all | linux | <= 6.10.9-1 | linux_6.10.9-1_all.deb |
Related
cvelist
cvelist
CVE-2023-37454
2023-07-06 00:00:00
ubuntucve
ubuntucve
CVE-2023-37454
2023-07-06 00:00:00
cve
cve
CVE-2023-37454
2023-07-06 17:15:14
nvd
nvd
CVE-2023-37454
2023-07-06 17:15:14
prion
prion
Design/Logic Flaw
2023-07-06 17:15:00
redhatcve
redhatcve
CVE-2023-37454
2023-08-08 11:20:00
nessus
nessus
RHEL 9 : kernel (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : kernel (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 6 : kernel (Unpatched Vulnerability)
2024-05-11 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
9.8%
Related for DEBIANCVE:CVE-2023-37454