Lucene search

[email protected]NVD:CVE-2023-4394

HistoryAug 17, 2023 - 1:15 p.m.

CVE-2023-4394

2023-08-1713:15:11

CWE-400

CWE-416

[email protected]

web.nvd.nist.gov

btrfs

linux kernel

system crash

kernel information

local attacker

special privileges

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a system crash or leak internal kernel information

Affected configurations

NVD

Node

linuxlinux_kernelRange<6.0

linuxlinux_kernelMatch6.0rc1

linuxlinux_kernelMatch6.0rc2

References

access.redhat.com/security/cve/CVE-2023-4394

bugzilla.redhat.com/show_bug.cgi?id=2219263

patchwork.kernel.org/project/linux-btrfs/patch/[email protected]/

6 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-4394

redhatcve1 cbl_mariner1 ubuntucve1 cve1 prion1 cvelist1 debiancve1