Lucene search
HistoryMar 29, 2023 - 9:15 p.m.
CVE-2023-1652
nfs
use-after-free
flaw
linux kernel
local attacker
crash
system
information leak
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
5.1%
A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.
Affected configurations
Node
linuxlinux_kernelRange5.14–5.15.91
ORlinuxlinux_kernelRange5.16–6.1.9
ORlinuxlinux_kernelMatch6.2rc1
ORlinuxlinux_kernelMatch6.2rc2
ORlinuxlinux_kernelMatch6.2rc3
ORlinuxlinux_kernelMatch6.2rc4
Node
redhatenterprise_linuxMatch9.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:* |
| linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:* |
| linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:* |
| linux | linux_kernel | 6.2 | cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:* |
| redhat | enterprise_linux | 9.0 | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
Related
cbl_mariner
cbl_mariner
CVE-2023-1652 affecting package hyperv-daemons 5.10.174.1-1
2023-05-03 19:35:26
CVE-2023-1652 affecting package kernel 5.10.183.1-1
2023-07-28 23:16:55
CVE-2023-1652 affecting package kernel for versions less than 5.15.107.1-2
2023-05-03 16:08:28
nessus
nessus
debiancve
debiancve
CVE-2023-1652
2023-03-29 21:15:07
cvelist
cvelist
CVE-2023-1652
2023-03-29 00:00:00
ubuntucve
ubuntucve
CVE-2023-1652
2023-03-29 00:00:00
prion
prion
Design/Logic Flaw
2023-03-29 21:15:00
redhatcve
redhatcve
CVE-2023-1652
2023-03-27 11:43:49
cve
cve
CVE-2023-1652
2023-03-29 21:15:07
osv
osv
linux-intel-iotg vulnerabilities
2023-05-05 10:14:32
linux-hwe-5.15 vulnerabilities
2023-04-25 13:25:40
openvas
openvas
Ubuntu: Security Advisory (USN-6057-1)
2023-05-08 00:00:00
Ubuntu: Security Advisory (USN-6025-1)
2023-04-19 00:00:00
Ubuntu: Security Advisory (USN-6040-1)
2023-04-26 00:00:00
ubuntu
ubuntu
Linux kernel (Intel IoTG) vulnerabilities
2023-05-05 00:00:00
Linux kernel vulnerabilities
2023-04-19 00:00:00
Linux kernel (HWE) vulnerabilities
2023-04-25 00:00:00
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2023-11-12 00:00:00
redhat
redhat
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
6.8
Confidence
High
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2023-1652