Lucene search

K
redhatcveRedhat.comRH:CVE-2023-22995
HistoryMar 01, 2023 - 6:06 p.m.

CVE-2023-22995

2023-03-0118:06:55
redhat.com
access.redhat.com
41
memory overflow
linux kernel
usb controller
system crash

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

13.3%

A memory overflow flaw was found in the Linux kernel’s Dual Role SuperSpeed USB controller driver in how a user registers a new USB device, which fails. This flaw allows a local user to crash the system.

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0

Percentile

13.3%