Published: 27/03/2023 Updated: 03/05/2023

CVSS v3 Base Score: 6.8 | Impact Score: 5.9 | Exploitability Score: 0.9

VMScore: 0

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in asus devices, the work_struct may be scheduled by the LED controller while the device is disconnecting, triggering a use-after-free on the struct asus_kbd_leds *led structure. A malicious USB device may exploit the issue to cause memory corruption with controlled data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

概要 Important: kernel security, bug fix, and enhancement update タイプ/重大度 Security Advisory: Important Red Hat Insights パッチ分析このアドバイザリーの影響を受けるシステムを特定し、修正します。影響を受けるシステムの表示トピック An update for kernel is now available ...

Synopsis Low: Logging Subsystem 581- Red Hat OpenShift security update Type/Severity Security Advisory: Low Topic An update is now available for RHOL-58-RHEL-9Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 88 Extended Update SupportRed Hat Product Securit ...

Synopsis Low: Logging Subsystem 5710 - Red Hat OpenShift security update Type/Severity Security Advisory: Low Topic Low: Logging Subsystem 5710 - Red Hat OpenShift security updateRed Hat Product Security has rated this update as having a security impact of low A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...

概要 Important: OpenShift Container Platform 411 low-latency extras update タイプ/重大度 Security Advisory: Important トピック An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 411 Secondary scheduler builds ...

Synopsis Important: OpenShift Container Platform 41247 security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 41247 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container P ...

Description This CVE is under investigation by Red Hat Product Security ...

CWE-416 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=4ab3a086d10eeec1424f2e8a968827a6336203df https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2023:7077 https://access.redhat.com/security/cve/cve-2023-1079

CVE-2023-1079

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect