CVE-2023-3863

2023-07-2400:00:00

ubuntu.com

linux kernel

nfc

use-after-free

local user

information leak

CVSS3

6.4

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

5.1%

JSON

A use-after-free flaw was found in nfc_llcp_find_local in
net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local
user with special privileges to impact a kernel information leak issue.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-218.229UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-164.181UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-86.96UNKNOWN
ubuntu23.04noarchlinux< 6.2.0-36.37UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-245.279UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1161.174UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1111.120UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1047.52UNKNOWN
ubuntu23.04noarchlinux-aws< 6.2.0-1015.15UNKNOWN
ubuntu14.04noarchlinux-aws< 4.4.0-1123.129UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-218.229	UNKNOWN
ubuntu	20.04	noarch	linux	< 5.4.0-164.181	UNKNOWN
ubuntu	22.04	noarch	linux	< 5.15.0-86.96	UNKNOWN
ubuntu	23.04	noarch	linux	< 6.2.0-36.37	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-245.279	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< 4.15.0-1161.174	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< 5.4.0-1111.120	UNKNOWN
ubuntu	22.04	noarch	linux-aws	< 5.15.0-1047.52	UNKNOWN
ubuntu	23.04	noarch	linux-aws	< 6.2.0-1015.15	UNKNOWN
ubuntu	14.04	noarch	linux-aws	< 4.4.0-1123.129	UNKNOWN