7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
16.2%
Software: kernel 3.10.0
OS: rosa-server79
package_evr_string: kernel-3.10.0-1160.83.1.el7
CVE-ID: CVE-2023-3397
BDU-ID: 2023-03779
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the JFS file system of the Linux operating system kernel is related to the reuse of previously freed memory due to competitive resource access (race condition) between the lmLogClose() and txEnd() functions in the fs/jfs/jfs_txnmgr.c module. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity, and availability of protected information
CVE-STATUS: Investigated
CVE-REV: Monitor for updates
CVE-ID: CVE-2023-33250
BDU-ID: 2023-02798
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the iopt_unmap_iova_range() function in the drivers/iommu/iommufd/io_pagetable.c module of the Linux operating system kernel involves the use of previously freed memory. Exploitation of the vulnerability could allow an attacker to impact the confidentiality, integrity and availability of protected information
CVE-STATUS: Unpatched
CVE-REV: Execute yum update kernel command
CVE-ID: CVE-2023-35001
BDU-ID: 2023-03778
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the nft_byteorder_eval() function in the net/netfilter/nft_byteorder.c module of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory during pointer processing. Exploitation of the vulnerability could allow an attacker to affect confidentiality, integrity and availability of protected information
CVE-STATUS: Unpatched
CVE-REV: Execute yum update kernel command
CVE-ID: CVE-2023-31248
BDU-ID: 2023-03947
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the nft_chain_lookup_byid() function in the net/netfilter/nf_tables_api.c module of the netfilter packet filtering subsystem of the netfilter kernel of the Linux operating system is related to the reuse of previously freed memory due to competitive access to a resource (race condition). Exploitation of the vulnerability could allow an attacker to escalate privileges and impact the confidentiality, integrity and availability of protected information
CVE-STATUS: Not Current
CVE-REV: Execute the yum update kernel command
CVE-ID: CVE-2023-3640
BDU-ID: 2023-03962
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the init_cea_offsets() function in the /arch/x86/mm/cpu_entry_area.c module of the Linux operating system kernel memory management subsystem is related to the availability of the per-cpu region of the memory area for user address space. Exploitation of the vulnerability could allow an attacker to gain access to protected information and escalate their privileges
CVE-STATUS: Unpatched
CVE-REV: Execute the yum update kernel command
CVE-ID: CVE-2023-3772
BDU-ID: 2023-04268
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the xfrm_update_ae_params() function in the net/xfrm/xfrm_user.c module of the XFRM subsystem of the Linux operating system kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Unpatched
CVE-REV: Execute the yum update kernel command
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
0.0005 Low
EPSS
Percentile
16.2%