Lucene search

K
redhatcveRedhat.comRH:CVE-2023-1075
HistoryFeb 27, 2023 - 6:30 p.m.

CVE-2023-1075

2023-02-2718:30:15
redhat.com
access.redhat.com
48
linux
kernel
tls
memory leak
local user
unauthorized access
mitigation
blacklist

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0

Percentile

13.4%

A memory leak flaw was found in the Linux kernel’s TLS protocol. This issue could allow a local user unauthorized access to some memory.

Mitigation

To mitigate this issue, prevent module tls from being loaded. Please see <https://access.redhat.com/solutions/41278&gt; for how to blacklist a kernel module to prevent it from loading automatically.

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0

Percentile

13.4%