CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS
Percentile
9.0%
A use-after-free flaw was found in mt7921_check_offload_capability in
drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921
sub-component in the Linux Kernel. This flaw could allow an attacker to
crash the system after ‘features’ memory release. This vulnerability could
even lead to a kernel information leak problem.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.04 | noarch | linux | < 6.2.0-27.28 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-aws | < 6.2.0-1009.9 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-azure | < 6.2.0-1009.9 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-gcp | < 6.2.0-1011.11 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-ibm | < 6.2.0-1007.7 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-kvm | < 6.2.0-1010.10 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-lowlatency | < 6.2.0-1010.10 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-oracle | < 6.2.0-1009.9 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-raspi | < 6.2.0-1010.12 | UNKNOWN |
ubuntu | 23.04 | noarch | linux-riscv | < 6.2.0-27.28.1 | UNKNOWN |
git.kernel.org/linus/2ceb76f734e37833824b7fab6af17c999eb48d2b (6.3-rc6)
launchpad.net/bugs/cve/CVE-2023-3317
nvd.nist.gov/vuln/detail/CVE-2023-3317
patchwork.kernel.org/project/linux-wireless/patch/51fd8f76494348aa9ecbf0abc471ebe47a983dfd.1679502607.git.lorenzo@kernel.org/
security-tracker.debian.org/tracker/CVE-2023-3317
ubuntu.com/security/notices/USN-6283-1
www.cve.org/CVERecord?id=CVE-2023-3317