Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-40791HistoryOct 16, 2023 - 3:15 a.m.
CVE-2023-40791
2023-10-1603:15:09
Debian Security Bug Tracker
security-tracker.debian.org
7
linux kernel
vulnerability
extract_user_to_sg
pages
warning
try_grab_page
6.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
extract_user_to_sg in lib/scatterlist.c in the Linux kernel before 6.4.12 fails to unpin pages in a certain situation, as demonstrated by a WARNING for try_grab_page.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 6.1.76-1 | linux_6.1.76-1_all.deb |
| Debian | 11 | all | linux | < 5.10.209-2 | linux_5.10.209-2_all.deb |
| Debian | 10 | all | linux | < 4.19.249-2 | linux_4.19.249-2_all.deb |
| Debian | 999 | all | linux | < 6.4.13-1 | linux_6.4.13-1_all.deb |
| Debian | 13 | all | linux | < 6.4.13-1 | linux_6.4.13-1_all.deb |
Related
cvelist
cvelist
CVE-2023-40791
2023-10-16 00:00:00
prion
prion
Code injection
2023-10-16 03:15:00
nvd
nvd
CVE-2023-40791
2023-10-16 03:15:09
cve
cve
CVE-2023-40791
2023-10-16 03:15:09
redhatcve
redhatcve
CVE-2023-40791
2023-10-18 00:58:50
ubuntucve
ubuntucve
CVE-2023-40791
2023-10-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-40791 affecting package kernel for versions less than 5.15.135.1-2
2023-11-08 02:07:28
6.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2023-40791