PRIOn knowledge basePRION:CVE-2023-3268Information disclosure
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
6.4 Medium
AI Score
Confidence
High
3.2 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:N/A:P
0.0004 Low
EPSS
Percentile
5.4%
An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 10.0 | |
| debian_linux | eq | 11.0 | |
| debian_linux | eq | 12.0 | |
| linux_kernel | lt | 6.4 |
References
cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43ec16f1450f4936025a9bdf1a273affdb9732c1
lists.debian.org/debian-lts-announce/2023/07/msg00030.html
lists.debian.org/debian-lts-announce/2023/10/msg00027.html
lore.kernel.org/lkml/[email protected]/T/
security.netapp.com/advisory/ntap-20230824-0006/
www.debian.org/security/2023/dsa-5448
www.debian.org/security/2023/dsa-5480
Related
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
6.4 Medium
AI Score
Confidence
High
3.2 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:N/A:P
0.0004 Low
EPSS
Percentile
5.4%