Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-3439

Published: 28/06/2023 Updated: 06/07/2023
CVSS v3 Base Score: 4.7 | Impact Score: 3.6 | Exploitability Score: 1
VMScore: 0
Subscribe to Linux

Vulnerability Summary

A flaw was found in the MCTP protocol in the Linux kernel. The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches. However, a running routine may be unaware of this and cause the use-after-free of the mdev->addrs object, potentially leading to a denial of service.

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel 5.18

linux linux kernel

Vendor Advisories

Red Hat:
Description<!---->A flaw was found in the MCTP protocol in the Linux kernel The function mctp_unregister() reclaims the device's relevant resource when a netcard detaches However, a running routine may be unaware of this and cause the use-after-free of the mdev-&amp;gt;addrs object, potentially leading to a denial of serviceA flaw was found in t ...

References

CWE-416https://github.com/torvalds/linux/commit/b561275d633bcd8e0e8055ab86f1a13df75a0269https://bugzilla.redhat.com/show_bug.cgi?id=2217915http://www.openwall.com/lists/oss-security/2023/07/02/1https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-3439
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook