Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2023-47233
HistoryNov 03, 2023 - 12:00 a.m.

CVE-2023-47233

2023-11-0300:00:00
ubuntu.com
ubuntu.com
14
linux kernel vulnerability
brcm80211 component
use-after-free
usb hotplug
physically proximate attackers

4.3 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The brcm80211 component in the Linux kernel through 6.5.10 has a
brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect
the USB by hotplug) code. For physically proximate attackers with local
access, this “could be exploited in a real world scenario.” This is related
to brcmf_cfg80211_escan_timeout_worker in
drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

Bugs

Notes

Author Note
Priority reason: Requires driver or device to be removed or unbound, which requires either privilege or physical access
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-225.237UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-182.202UNKNOWN
ubuntu22.04noarchlinux< 5.15.0-107.117UNKNOWN
ubuntu23.10noarchlinux< 6.5.0-35.35UNKNOWN
ubuntu24.04noarchlinux< 6.8.0-35.35UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-254.288UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1168.181UNKNOWN
ubuntu20.04noarchlinux-aws< 5.4.0-1125.135UNKNOWN
ubuntu22.04noarchlinux-aws< 5.15.0-1062.68UNKNOWN
ubuntu23.10noarchlinux-aws< 6.5.0-1020.20UNKNOWN
Rows per page:
1-10 of 941

References

Related

cve 2
cvelist 2
nvd 2
cbl_mariner 1
redhatcve 2
debiancve 2
prion 1
ubuntucve 1
ubuntu 12
nessus 34
osv 17
openvas 25
mageia 2
debian 2
cve
cve
CVE-2023-47233
2023-11-03 21:15:17
CVE-2024-35811
2024-05-17 14:15:15
cvelist
cvelist
CVE-2023-47233
2023-11-03 00:00:00
CVE-2024-35811 wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach
2024-05-17 13:23:17
nvd
nvd
CVE-2023-47233
2023-11-03 21:15:17
CVE-2024-35811
2024-05-17 14:15:15
cbl_mariner
cbl_mariner
CVE-2023-47233 affecting package kernel for versions less than 5.15.158.2-1
2024-06-12 22:23:00
redhatcve
redhatcve
CVE-2023-47233
2023-11-07 02:32:36
CVE-2024-35811
2024-05-18 00:11:01
debiancve
debiancve
CVE-2023-47233
2023-11-03 21:15:17
CVE-2024-35811
2024-05-17 14:15:15
prion
prion
Double free
2023-11-03 21:15:00
ubuntucve
ubuntucve
CVE-2024-35811
2024-05-17 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-05-16 00:00:00
Linux kernel vulnerabilities
2024-05-21 00:00:00
Linux kernel vulnerabilities
2024-05-16 00:00:00
nessus
nessus
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6775-1)
2024-05-16 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-6775-2)
2024-05-21 00:00:00
Ubuntu 18.04 LTS / 20.04 LTS : Linux kernel vulnerabilities (USN-6776-1)
2024-05-16 00:00:00
osv
osv
linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi vulnerabilities
2024-05-16 15:39:35
linux-aws, linux-aws-5.15, linux-gke vulnerabilities
2024-05-21 22:39:36
linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-iot, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities
2024-05-16 16:47:34
openvas
openvas
Ubuntu: Security Advisory (USN-6775-1)
2024-05-17 00:00:00
Ubuntu: Security Advisory (USN-6775-2)
2024-05-22 00:00:00
Ubuntu: Security Advisory (USN-6776-1)
2024-05-17 00:00:00
mageia
mageia
Updated kernel, kmod-xtables-addons, kmod-virtualbox packages fix security vulnerabilities
2024-04-23 04:20:56
Updated kernel-linus packages fix security vulnerabilities
2024-04-23 04:20:56
debian
debian
[SECURITY] [DSA 5658-1] linux security update
2024-04-13 06:38:27
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39

4.3 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for UB:CVE-2023-47233
cve2cvelist2nvd2cbl_mariner1redhatcve2debiancve2prion1ubuntucve1ubuntu12nessus34osv17openvas25mageia2debian2