Lucene search
HistoryNov 10, 2023 - 5:15 p.m.
CVE-2023-4949
attacker with local access
disk access
external drive
xfs partition
memory corruption
grub-legacy
cve-2023-4949
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation.
Affected configurations
Node
gnugrubRange≤0.97
Node
xenxenMatch-
Related
osv
osv
CVE-2023-4949
2023-11-10 17:15:07
CVE-2023-34325
2024-01-05 17:15:08
prion
prion
Memory corruption
2023-11-10 17:15:00
Stack overflow
2024-01-05 17:15:00
debiancve
debiancve
CVE-2023-4949
2023-11-10 17:15:07
CVE-2023-34325
2024-01-05 17:15:08
cve
cve
CVE-2023-4949
2023-11-10 17:15:07
CVE-2023-34325
2024-01-05 17:15:08
cvelist
cvelist
CVE-2023-4949 Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation
2023-11-10 16:57:03
CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling
2024-01-05 16:31:09
ubuntucve
ubuntucve
CVE-2023-4949
2023-11-10 00:00:00
CVE-2023-34325
2024-01-05 00:00:00
nvd
nvd
CVE-2023-34325
2024-01-05 17:15:08
xen
xen
Multiple vulnerabilities in libfsimage disk handling
2023-10-10 12:00:00
nessus
nessus
Fedora 39 : xen (2023-de338d9f37)
2023-11-07 00:00:00
Fedora 38 : xen (2023-a4c606585e)
2023-10-26 00:00:00
Fedora 37 : xen (2023-881672fdab)
2023-10-26 00:00:00
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2023-4949