Lucene search
K

4 matches found

OSV
OSV
added 2023/05/25 2:15 p.m.5 views

AZL-26953 CVE-2023-0459 affecting package kernel for versions less than 5.15.116.1-1

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...

5.5CVSS6.7AI score0.00635EPSS
Exploits0References1
Prion
Prion
added 2023/05/25 2:15 p.m.24 views

Design/Logic Flaw

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond...

1.7CVSS5.8AI score0.00635EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/05/25 1:22 p.m.488 views

CVE-2023-0459

CVE-2023-0459: Linux kernel on 64-bit systems is affected by a local elevation of information disclosure due to Copy_from_user bypassing __uaccess_begin_nospec, bypassing access_ok and allowing a user to pass a kernel pointer to copy_from_user. Root cause is the __uaccess_begin_nospec handling. I...

6.5CVSS6.4AI score0.00635EPSS
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2022/05/10 1:43 p.m.3 views

kernel: Copy_from_user on 64-bit versions may leak kernel information

A vulnerability was found in copyfromuser in 64-bit versions of the Linux kernel. This flaw allows a local attacker to bypass the "accessok" sanity check and pass a kernel pointer to copyfromuser, resulting in kernel data leaking...

6.5CVSS6.6AI score0.00635EPSS
Exploits0References5
Rows per page
Query Builder