Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2023-22998

Published: 28/02/2023 Updated: 03/05/2023
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Linux

Vulnerability Summary

In the Linux kernel prior to 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Amazon Linux 2: ALAS2KERNEL-5.10-2023-028
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1 An attacker at L2 with code execution can execute code on an indirect branch on the ...

References

CWE-436https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.3https://github.com/torvalds/linux/commit/c24968734abfed81c8f93dc5f44a7b7a9aecadfahttps://lists.debian.org/debian-lts-announce/2023/05/msg00005.htmlhttps://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2023-028.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook