CVE-2023-21400
Gravedad CVSS v3.1:
MEDIA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
13/07/2023
Última modificación:
13/02/2025
Descripción
*** Pendiente de traducción *** In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.
Impacto
Puntuación base 3.x
6.70
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html
- http://www.openwall.com/lists/oss-security/2023/07/14/2
- http://www.openwall.com/lists/oss-security/2023/07/19/2
- http://www.openwall.com/lists/oss-security/2023/07/19/7
- http://www.openwall.com/lists/oss-security/2023/07/25/7
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://security.netapp.com/advisory/ntap-20240119-0012/
- https://source.android.com/security/bulletin/pixel/2023-07-01
- https://www.debian.org/security/2023/dsa-5480
- http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html
- http://www.openwall.com/lists/oss-security/2023/07/14/2
- http://www.openwall.com/lists/oss-security/2023/07/19/2
- http://www.openwall.com/lists/oss-security/2023/07/19/7
- http://www.openwall.com/lists/oss-security/2023/07/25/7
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
- https://security.netapp.com/advisory/ntap-20240119-0012/
- https://source.android.com/security/bulletin/pixel/2023-07-01
- https://www.debian.org/security/2023/dsa-5480