Lucene search

[email protected]NVD:CVE-2023-50431

HistoryDec 09, 2023 - 11:15 p.m.

CVE-2023-50431

2023-12-0923:15:07

[email protected]

web.nvd.nist.gov

kernel

info leak

habanalabs

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized.

Affected configurations

NVD

Node

linuxlinux_kernelRange≤6.6.5

References

git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a9f07790a4b2250f0140e9a61c7f842fd9b618c7

lists.freedesktop.org/archives/dri-devel/2023-November/431772.html

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for NVD:CVE-2023-50431

cve1 prion1 ubuntucve1 debiancve1 cbl_mariner1 cvelist1 redhatcve1 ubuntu3 osv3 openvas3 nessus3