Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-26605
HistoryFeb 26, 2023 - 12:00 a.m.

CVE-2023-26605

2023-02-2600:00:00
ubuntu.com
ubuntu.com
23
cve-2023-26605
inode_cgwb_move_to_attached
fs-writeback.c
__list_del_entry_valid
unix

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

25.9%

In the Linux kernel 6.0.8, there is a use-after-free in
inode_cgwb_move_to_attached in fs/fs-writeback.c, related to
__list_del_entry_valid.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchlinux< 5.15.0-67.74UNKNOWN
ubuntu22.10noarchlinux< 5.19.0-35.36UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1031.35UNKNOWN
ubuntu22.10noarchlinux-aws< 5.19.0-1020.21UNKNOWN
ubuntu20.04noarchlinux-aws-5.15< 5.15.0-1031.35~20.04.1UNKNOWN
ubuntu22.04noarchlinux-azure< 5.15.0-1034.41UNKNOWN
ubuntu22.10noarchlinux-azure< 5.19.0-1021.22UNKNOWN
ubuntu20.04noarchlinux-azure-5.15< 5.15.0-1034.41~20.04.1UNKNOWN
ubuntu22.04noarchlinux-azure-5.19< 5.19.0-1021.22~22.04.1UNKNOWN
ubuntu22.04noarchlinux-azure-fde< 5.15.0-1034.41.1UNKNOWN
Rows per page:
1-10 of 391

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

25.9%