Lucene search

K
redhatRedHatRHSA-2023:1588
HistoryApr 04, 2023 - 8:53 a.m.

(RHSA-2023:1588) Important: kernel security update

2023-04-0408:53:58
access.redhat.com
40
kernel packages linux alsa uaf cve-2023-0266 security update fix cvss score references_unix

CVSS3

7.9

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H

EPSS

0.001

Percentile

35.5%

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVSS3

7.9

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H

EPSS

0.001

Percentile

35.5%