Lucene search

K
ubuntucveUbuntu.comUB:CVE-2023-28772
HistoryMar 23, 2023 - 12:00 a.m.

CVE-2023-28772

2023-03-2300:00:00
ubuntu.com
ubuntu.com
35
linux kernel
5.13.3
seq_buf_putmem_hex
buffer overflow

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.1%

An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c
has a seq_buf_putmem_hex buffer overflow.

Notes

Author Note
cascardo there is no current seq_buf_putmem_hex user with exploitable input
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-156.163UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-84.94UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1111.118UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1056.59UNKNOWN
ubuntu18.04noarchlinux-aws-5.4< 5.4.0-1056.59~18.04.1UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1111.118~16.04.1UNKNOWN
ubuntu20.04noarchlinux-azure< 5.4.0-1058.60UNKNOWN
ubuntu14.04noarchlinux-azure< 4.15.0-1123.136~14.04.1UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1123.136~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure-4.15< 4.15.0-1123.136UNKNOWN
Rows per page:
1-10 of 331

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

19.1%