gsd-2023-4611
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-4611",
"id": "GSD-2023-4611"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-4611"
],
"details": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak.",
"id": "GSD-2023-4611",
"modified": "2023-12-13T01:20:27.397098Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2023-4611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "6.5-rc4"
}
]
}
}
]
}
}
]
},
"vendor_name": "n/a"
},
{
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
},
"vendor_name": "Red Hat"
},
{
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
},
"vendor_name": "Fedora"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-416",
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2023-4611",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2023-4611"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244"
},
{
"name": "https://www.spinics.net/lists/stable-commits/msg310136.html",
"refsource": "MISC",
"url": "https://www.spinics.net/lists/stable-commits/msg310136.html"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "6.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2023-4611"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2023-4611",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-4611"
},
{
"name": "https://www.spinics.net/lists/stable-commits/msg310136.html",
"refsource": "MISC",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://www.spinics.net/lists/stable-commits/msg310136.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.2
}
},
"lastModifiedDate": "2023-09-01T18:36Z",
"publishedDate": "2023-08-29T22:15Z"
}
}
}
Loading...