Lucene search

Redhat.comRH:CVE-2023-0468

HistoryJan 24, 2023 - 3:05 p.m.

CVE-2023-0468

2023-01-2415:05:30

redhat.com

access.redhat.com

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON

A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference.

References

bugzilla.redhat.com/show_bug.cgi?id=2164024

github.com/torvalds/linux/commit/12ad3d2d6c5b0131a6052de91360849e3e154846

github.com/torvalds/linux/commit/a26a35e9019fd70bf3cf647dcfdae87abc7bacea

nvd.nist.gov/vuln/detail/CVE-2023-0468

www.cve.org/CVERecord?id=CVE-2023-0468

4.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:H/Au:S/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

8.3%

JSON

Related for RH:CVE-2023-0468